On Sat, Nov 8, 2008 at 7:55 PM, mdh <[EMAIL PROTECTED]> wrote: > --- On Sat, 11/8/08, David Horn <[EMAIL PROTECTED]> wrote: >> From: David Horn <[EMAIL PROTECTED]> >> Subject: Re: host -6 failure >> To: [EMAIL PROTECTED] >> Cc: freebsd-questions@freebsd.org >> Date: Saturday, November 8, 2008, 7:25 PM >> On Fri, Nov 7, 2008 at 2:18 PM, mdh >> <[EMAIL PROTECTED]> wrote: >> > Howdy folks, >> > I'm having a little trouble understanding a >> problem that the `host` command in RELENG_7_0 (very recent) >> is having. This is by and large my first time working with >> IPv6, which I've been meaning to learn for some time. >> First off, I've got my zone file configured to return a >> AAAA record for x1.mydomain and named isn't complaining. >> However, when I run `host -6 x1.mydomain`, host returns the >> following output: >> > >> > ([EMAIL PROTECTED]) [/etc/namedb]: host -6 x1.mydomain >> > >> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: >> internal_send: ::ffff:127.0.0.1#53: Invalid argument >> > >> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: >> internal_send: ::ffff:IP.IP.IP.8#53: Invalid argument >> > >> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: >> internal_send: ::ffff:127.0.0.1#53: Invalid argument >> > >> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: >> internal_send: ::ffff:IP.IP.IP.8#53: Invalid argument >> > ;; connection timed out; no servers could be reached >> >> The '-6' on the command line for host(1) forces an >> IPv6 only >> connection to your nameserver, not necessarily a >> "AAAA" query for the >> hostname in question. In this case, your nameservers >> listed in the >> warnings are IPv4 nameservers that host(1) is attempting to >> connect to >> using an ipv4 mapped ipv6 address (which by default is >> disabled in the >> kernel) In other words, don't use host -6 for this >> scenario. > > Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so > shouldn't it work with that? It's clearly trying to contact the first and > third nameservers listed. If the behavior I'm experiencing is the proper > behavior, then let me pose this question: when would anyone conceivably want > to use the -6 option, and why does it exist? My intent was to force a query > to hit the nameserver on ::1 rather than 127.0.0.1. > >> >> Most recent versions of the host(1) command will do both >> "A" (IPv4 >> host record), and "AAAA" (IPv6 host record) >> lookups for you >> automatically. For example: >> >> host www.kame.net >> www.kame.net has address 203.178.141.194 >> www.kame.net has IPv6 address >> 2001:200:0:8002:203:47ff:fea5:3085 >> >> > >> > IP.IP.IP.8 is my ISP's DNS server, and is a third >> option just in case the localhost DNS server crashes or goes >> batty while I'm out drinking or somesuch. Here's my >> resolv.conf, which shows ::1 listed as the second nameserver >> entry - however, it seems host -6 never even tries it. >> > >> > domain mydomain >> > search mydomain >> > nameserver 127.0.0.1 >> > nameserver ::1 >> > nameserver IP.IP.IP.8 >> > >> > The DNS server running on localhost is authoritative >> for mydomain. I can ping it via localhost using both v4 and >> v6, and I can also ping the external v4 and v6 addresses >> just fine remotely. >> > >> > As I said, I'm new to IPv6, but this behavior >> seems to be counterintuitive. Am I just doing it wrong? >> > >> >> For diagnosing your own nameservers, you are better off >> using the >> dig(1) utility. >> >> Example: >> >> dig ipv6.google.com AAAA @::1 >> >> This causes a dns query for an IPv6 address (aka >> "AAAA" query) for the >> hostname of "ipv6.google.com" using the >> nameserver on the IPv6 >> localhost loopback address (::1), and will give a very nice >> verbose >> output. man dig for more details. > > That is more useful, but still doesn't stifle my desire to stomp a potential > bug in the base system.
Right after sending, I realized that I did not tell you all of the answer.... host(1) will successfully query ::1 when named is setup to listen on ::1 in named.conf, and ::1 is listed in /etc/resolv.conf (I just ran a test on my box to be sure that it works this way with the -6 switch) Example line from /etc/namedb/named.conf: listen-on-v6 { ::1; any; }; And of course you need to restart named after the config change( /etc/rc.d/named restart) To make sure that it is listening on the IPv6 loopback address: netstat -anW -f inet6 I do not remember the minimum version of bind (aka named) required for IPv6 off the top of my head, but I am running 9.4.2-P2 on my IPv6 machine. -_Dave > >> >> Good Luck. >> >> BTW, if you have not already setup an IPv6 tunnel to the >> internet, I >> highly recommend SixXS's (www.sixxs.net) free tunnels >> (and the >> sixxs-aiccu port), or you can look at Hurricane Electric >> (www.he.net), >> and some other tunnel brokers as well. > > Actually this system is located at HE. :) > > Thanks, > - mdh > > > > > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"