Instead of getting back a response indicating there is no AAAA record, the resolver continues to look for a AAAA record until a timeout (a minute or so), where it then switches to looking for an A record, which is found immediately (as a CNAME).
I'm using named (8.3.7, default nameserver) on 4.11, and as far as I can tell haven't changed anything that would have caused this behavior.
If I switch resolv.conf to use the ISP's nameserver, I get a "correct" response, so the AAAA fails immediately and the resolver moves on to an A query, where it connects.
Nothing useful shows up in the named logs, and I'm at a loss of what I changed that causes this strange behavior.
To generate these requests, I simply do:
telnet www.43things.com 80
Connecting with a TCP Socket via Ruby does the same thing:
ruby -rsocket -e 'TCPSocket.open("www.43things.com", 80).close'Note that www.43things.com is a CNAME for 43things.com:
$ host www.43things.com www.43things.com is a nickname for 43things.com 43things.com has address 65.61.137.67 43things.com mail is handled (pri=10) by mail.43things.com
I have the same problem with, for example docs.freebsd.org but not www.freebsd.org.
The only thing I've changed on the nameserver is adding a few unrelated zones in named.conf, and an upgrade from 4.10 to 4.11-p2, then to 4.11-p4.
Clients show the same behavior, the box running the nameserver, the rest of the 4.11-p2 machines, and OS X 10.3.9. (OS X tries an A lookup first, then tries a AAAA lookup. The AAAA has the same multiple request problem.)
I've tried both INET6 and INET6-less kernel with no effect (it was one of the things that has recently changed), and as far as I can tell, I can't disable AAAA lookups with the resolver in libc on 4.x.
Relevent uname/named version output for the machines at the bottom.
Here's a packet trace of the offending behavior. RUR-1 and 192.168.1.11 are the same machine.
Using the local nameserver:
11:40:22.970554 RUR-1.coop.robotcoop.com.2525 > RUR-5.coop.robotcoop.com.domain: 13450+ AAAA? www.43things.com. (34)
11:40:22.983842 RUR-5.coop.robotcoop.com.domain > RUR-1.coop.robotcoop.com.2525: 13450 0/0/0 (30)
... many times until finally:
11:41:38.256714 RUR-1.coop.robotcoop.com.4313 > RUR-5.coop.robotcoop.com.domain: 13451+ A? www.43things.com. (34)
11:41:38.257715 RUR-5.coop.robotcoop.com.domain > RUR-1.coop.robotcoop.com.4313: 13451 2/13/13 CNAME 43things.com., (483)
where the connection completes.
Same with docs.freebsd.org:
14:02:58.325712 RUR-1.coop.robotcoop.com.2264 > RUR-5.coop.robotcoop.com.domain: 29045+ AAAA? docs.freebsd.org. (34)
14:02:58.337935 RUR-5.coop.robotcoop.com.domain > RUR-1.coop.robotcoop.com.2264: 29045 0/0/0 (33)
...
14:04:13.392256 RUR-1.coop.robotcoop.com.4309 > RUR-5.coop.robotcoop.com.domain: 29046+ A? docs.freebsd.org. (34)
14:04:13.393296 RUR-5.coop.robotcoop.com.domain > RUR-1.coop.robotcoop.com.4309: 29046 2/13/13 CNAME www.freebsd.org., (487)
But with a domain that points to an A:
14:06:12.686424 RUR-1.coop.robotcoop.com.2833 > RUR-5.coop.robotcoop.com.domain: 61817+ AAAA? 43things.com. (30)
14:06:12.698061 RUR-5.coop.robotcoop.com.domain > RUR-1.coop.robotcoop.com.2833: 61817 0/0/0 (30)
14:06:12.698350 RUR-1.coop.robotcoop.com.gridgen-elmd > RUR-5.coop.robotcoop.com.domain: 61818+ A? 43things.com. (30)
14:06:12.699202 RUR-5.coop.robotcoop.com.domain > RUR-1.coop.robotcoop.com.gridgen-elmd: 61818 1/13/13 A www.43things.com (465)
Using our ISP's nameserver:
11:42:54.267003 192.168.1.11.3502 > dns.sea1.speakeasy.net.domain: 210+ AAAA? www.43things.com. (34)
11:42:54.279814 dns.sea1.speakeasy.net.domain > 192.168.1.11.3502: 210 1/0/0 CNAME 43things.com. (48)
11:42:54.279883 192.168.1.11.3096 > dns.sea1.speakeasy.net.domain: 211+ A? www.43things.com. (34)
11:42:54.294253 dns.sea1.speakeasy.net.domain > 192.168.1.11.3096: 211 2/0/0 CNAME 43things.com., (64)
and the connection completes immediately.
The client fails with both a kernel without INET6:
$ uname -a
FreeBSD RUR-1.coop.robotcoop.com 4.11-RELEASE-p2 FreeBSD 4.11-RELEASE-p2 #3: Tue Apr 12 23:37:44 PDT 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/RUR i386
and a kernel with INET6:
$ uname -a
FreeBSD RUR-1.coop.robotcoop.com 4.11-RELEASE-p4 FreeBSD 4.11-RELEASE-p4 #4: Mon Apr 25 12:27:21 PDT 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/RUR i386
The server running named is:
$ uname -a
FreeBSD RUR-5.coop.robotcoop.com 4.11-RELEASE-p4 FreeBSD 4.11-RELEASE-p4 #2: Fri Apr 22 16:34:41 PDT 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/RUR i386
$ named -v
named 8.3.7-REL Fri Apr 22 16:07:00 PDT 2005
[EMAIL PROTECTED]:/usr/obj/usr/src/usr.sbin/named
And it breaks even with an INET6 kernel:
$ uname -a
FreeBSD RUR-5.coop.robotcoop.com 4.11-RELEASE-p4 FreeBSD 4.11-RELEASE-p4 #3: Mon Apr 25 12:44:36 PDT 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/RUR i386
-- Eric Hodel - [EMAIL PROTECTED] - http://segment7.net FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04
_______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
