Gregory Neil Shapiro wrote: > pmc> While it is true that the said sendmail-option solves the problem > pmc> (if sendmail is new enough to understand it), I could nowhere find > pmc> information on how to fix the bug in the nameserver - that is, > pmc> in the nameserver that is packaged with FreeBSD 4.4 or 4.7. > > FreeBSD's nameserver is fine. The problem is the remote nameserver > authorative for the domain in question. That nameserver is incorrectly > returning SERVFAIL instead of NODATA (or possibly NXDOMAIN) for AAAA > queries. Nothing needs to be fixed in FreeBSD's nameserver.
However, it's possible to address the problem by placing a caching-only nameserver between you and the nameserver with the problem, and hitting the local nameserver, and letting it recurse only if the data isn't in cache. This will address the second and subsequent requests, but the first one will still take however long it takes the proxy request to time out, before the cache is loaded (and converts the SERVFAIL into a NODATA, but only for AAAA or A6 requests that receive no response or a SERVFAIL response). It's also possible to rip out IPv6 support entirely, which is what the people who won't fix their nameserver software are tacitly recommending. It's also possible to achieve the same effect by creating a proxy that rejects all IPv6 address requests immediately with NODATA (or NXDOMAIN), which has the benefit of still screwing up IPv6 deployment, but without mutilating all the applications. I would be real tempted to automatically generate complaint email to the technical contact in the whois database for all AAAA/A6 requests that fail that way, instead, if the delay bthered me (which it doesn't). -- Terry To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
