Re: host -6 failure
--- On Sun, 11/9/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Sunday, November 9, 2008, 8:34 PM On Sun, Nov 9, 2008 at 3:13 AM, mdh [EMAIL PROTECTED] wrote: --- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 8:10 PM On Sat, Nov 8, 2008 at 7:55 PM, mdh [EMAIL PROTECTED] wrote: --- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 7:25 PM On Fri, Nov 7, 2008 at 2:18 PM, mdh [EMAIL PROTECTED] wrote: Howdy folks, I'm having a little trouble understanding a problem that the `host` command in RELENG_7_0 (very recent) is having. The '-6' on the command line for host(1) forces an IPv6 only connection to your nameserver, not necessarily a query for the hostname in question. In this case, your nameservers listed in the warnings are IPv4 nameservers that host(1) is attempting to connect to using an ipv4 mapped ipv6 address (which by default is disabled in the kernel) In other words, don't use host -6 for this scenario. Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so shouldn't it work with that? It's clearly trying to contact the first and third nameservers listed. If the behavior I'm experiencing is the proper behavior, then let me pose this question: when would anyone conceivably want to use the -6 option, and why does it exist? My intent was to force a query to hit the nameserver on ::1 rather than 127.0.0.1. domain mydomain search mydomain nameserver 127.0.0.1 nameserver ::1 nameserver IP.IP.IP.8 The DNS server running on localhost is authoritative for mydomain. I can ping it via localhost using both v4 and v6, and I can also ping the external v4 and v6 addresses just fine remotely. As I said, I'm new to IPv6, but this behavior seems to be counterintuitive. Am I just doing it wrong? For diagnosing your own nameservers, you are better off using the dig(1) utility. Example: dig ipv6.google.com @::1 This causes a dns query for an IPv6 address (aka query) for the hostname of ipv6.google.com using the nameserver on the IPv6 localhost loopback address (::1), and will give a very nice verbose output. man dig for more details. That is more useful, but still doesn't stifle my desire to stomp a potential bug in the base system. Right after sending, I realized that I did not tell you all of the answer host(1) will successfully query ::1 when named is setup to listen on ::1 in named.conf, and ::1 is listed in /etc/resolv.conf (I just ran a test on my box to be sure that it works this way with the -6 switch) Example line from /etc/namedb/named.conf: listen-on-v6{ ::1; any; }; And of course you need to restart named after the config change( /etc/rc.d/named restart) To make sure that it is listening on the IPv6 loopback address: netstat -anW -f inet6 I do not remember the minimum version of bind (aka named) required for IPv6 off the top of my head, but I am running 9.4.2-P2 on my IPv6 machine. All of the conditions for success are true, however it fails. My DNS server software is responsing on ::1 port 53 (tcp and udp), and ::1 is the second nameserver listed in resolv.conf. Still, host -6 fails as previously stated... According to what you've said so far, this leads me to believe that it ought to work as expected, and not error out in the way I'm seeing. Am I missing something here? Is my lack of general IPv6 knowledge causing me to blindly assume something incorrectly? If all of the conditions for success were true, you would *not* be having a problem. You are likely missing something simple. I suggest that you read about about general IPv6 network troubleshooting, and bind. The handbook has some good information here: http://www.freebsd.org/doc/en/books/handbook/network-dns.html http://www.freebsd.org/doc/en/books/handbook/network-ipv6.html http://www.freebsd.org/doc/en/books/developers-handbook/ipv6.html You have yet to provide any new diagnostic output. What was the result of: netstat -anW -f inet6 Proto Recv-Q Send-Q Local Address Foreign Address(state) tcp6 0 0 *.53 *.* LISTEN tcp6 0 0 *.22
Re: host -6 failure
On Mon, Nov 10, 2008 at 10:31 AM, mdh [EMAIL PROTECTED] wrote: --- On Sun, 11/9/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Sunday, November 9, 2008, 8:34 PM On Sun, Nov 9, 2008 at 3:13 AM, mdh [EMAIL PROTECTED] wrote: --- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 8:10 PM On Sat, Nov 8, 2008 at 7:55 PM, mdh [EMAIL PROTECTED] wrote: --- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 7:25 PM On Fri, Nov 7, 2008 at 2:18 PM, mdh [EMAIL PROTECTED] wrote: Howdy folks, I'm having a little trouble understanding a problem that the `host` command in RELENG_7_0 (very recent) is having. The '-6' on the command line for host(1) forces an IPv6 only connection to your nameserver, not necessarily a query for the hostname in question. In this case, your nameservers listed in the warnings are IPv4 nameservers that host(1) is attempting to connect to using an ipv4 mapped ipv6 address (which by default is disabled in the kernel) In other words, don't use host -6 for this scenario. Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so shouldn't it work with that? It's clearly trying to contact the first and third nameservers listed. If the behavior I'm experiencing is the proper behavior, then let me pose this question: when would anyone conceivably want to use the -6 option, and why does it exist? My intent was to force a query to hit the nameserver on ::1 rather than 127.0.0.1. domain mydomain search mydomain nameserver 127.0.0.1 nameserver ::1 nameserver IP.IP.IP.8 The DNS server running on localhost is authoritative for mydomain. I can ping it via localhost using both v4 and v6, and I can also ping the external v4 and v6 addresses just fine remotely. As I said, I'm new to IPv6, but this behavior seems to be counterintuitive. Am I just doing it wrong? For diagnosing your own nameservers, you are better off using the dig(1) utility. Example: dig ipv6.google.com @::1 This causes a dns query for an IPv6 address (aka query) for the hostname of ipv6.google.com using the nameserver on the IPv6 localhost loopback address (::1), and will give a very nice verbose output. man dig for more details. That is more useful, but still doesn't stifle my desire to stomp a potential bug in the base system. Right after sending, I realized that I did not tell you all of the answer host(1) will successfully query ::1 when named is setup to listen on ::1 in named.conf, and ::1 is listed in /etc/resolv.conf (I just ran a test on my box to be sure that it works this way with the -6 switch) Example line from /etc/namedb/named.conf: listen-on-v6{ ::1; any; }; And of course you need to restart named after the config change( /etc/rc.d/named restart) To make sure that it is listening on the IPv6 loopback address: netstat -anW -f inet6 I do not remember the minimum version of bind (aka named) required for IPv6 off the top of my head, but I am running 9.4.2-P2 on my IPv6 machine. All of the conditions for success are true, however it fails. My DNS server software is responsing on ::1 port 53 (tcp and udp), and ::1 is the second nameserver listed in resolv.conf. Still, host -6 fails as previously stated... According to what you've said so far, this leads me to believe that it ought to work as expected, and not error out in the way I'm seeing. Am I missing something here? Is my lack of general IPv6 knowledge causing me to blindly assume something incorrectly? If all of the conditions for success were true, you would *not* be having a problem. You are likely missing something simple. I suggest that you read about about general IPv6 network troubleshooting, and bind. The handbook has some good information here: http://www.freebsd.org/doc/en/books/handbook/network-dns.html http://www.freebsd.org/doc/en/books/handbook/network-ipv6.html http://www.freebsd.org/doc/en/books/developers-handbook/ipv6.html You have yet to provide any new diagnostic output. What was the result of: netstat -anW -f inet6 Proto Recv-Q Send-Q Local Address Foreign Address(state) tcp6 0 0 *.53
Re: host -6 failure
--- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 8:10 PM On Sat, Nov 8, 2008 at 7:55 PM, mdh [EMAIL PROTECTED] wrote: --- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 7:25 PM On Fri, Nov 7, 2008 at 2:18 PM, mdh [EMAIL PROTECTED] wrote: Howdy folks, I'm having a little trouble understanding a problem that the `host` command in RELENG_7_0 (very recent) is having. The '-6' on the command line for host(1) forces an IPv6 only connection to your nameserver, not necessarily a query for the hostname in question. In this case, your nameservers listed in the warnings are IPv4 nameservers that host(1) is attempting to connect to using an ipv4 mapped ipv6 address (which by default is disabled in the kernel) In other words, don't use host -6 for this scenario. Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so shouldn't it work with that? It's clearly trying to contact the first and third nameservers listed. If the behavior I'm experiencing is the proper behavior, then let me pose this question: when would anyone conceivably want to use the -6 option, and why does it exist? My intent was to force a query to hit the nameserver on ::1 rather than 127.0.0.1. domain mydomain search mydomain nameserver 127.0.0.1 nameserver ::1 nameserver IP.IP.IP.8 The DNS server running on localhost is authoritative for mydomain. I can ping it via localhost using both v4 and v6, and I can also ping the external v4 and v6 addresses just fine remotely. As I said, I'm new to IPv6, but this behavior seems to be counterintuitive. Am I just doing it wrong? For diagnosing your own nameservers, you are better off using the dig(1) utility. Example: dig ipv6.google.com @::1 This causes a dns query for an IPv6 address (aka query) for the hostname of ipv6.google.com using the nameserver on the IPv6 localhost loopback address (::1), and will give a very nice verbose output. man dig for more details. That is more useful, but still doesn't stifle my desire to stomp a potential bug in the base system. Right after sending, I realized that I did not tell you all of the answer host(1) will successfully query ::1 when named is setup to listen on ::1 in named.conf, and ::1 is listed in /etc/resolv.conf (I just ran a test on my box to be sure that it works this way with the -6 switch) Example line from /etc/namedb/named.conf: listen-on-v6{ ::1; any; }; And of course you need to restart named after the config change( /etc/rc.d/named restart) To make sure that it is listening on the IPv6 loopback address: netstat -anW -f inet6 I do not remember the minimum version of bind (aka named) required for IPv6 off the top of my head, but I am running 9.4.2-P2 on my IPv6 machine. All of the conditions for success are true, however it fails. My DNS server software is responsing on ::1 port 53 (tcp and udp), and ::1 is the second nameserver listed in resolv.conf. Still, host -6 fails as previously stated... According to what you've said so far, this leads me to believe that it ought to work as expected, and not error out in the way I'm seeing. Am I missing something here? Is my lack of general IPv6 knowledge causing me to blindly assume something incorrectly? Thanks, Matt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: host -6 failure
On Sun, Nov 9, 2008 at 3:13 AM, mdh [EMAIL PROTECTED] wrote: --- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 8:10 PM On Sat, Nov 8, 2008 at 7:55 PM, mdh [EMAIL PROTECTED] wrote: --- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 7:25 PM On Fri, Nov 7, 2008 at 2:18 PM, mdh [EMAIL PROTECTED] wrote: Howdy folks, I'm having a little trouble understanding a problem that the `host` command in RELENG_7_0 (very recent) is having. The '-6' on the command line for host(1) forces an IPv6 only connection to your nameserver, not necessarily a query for the hostname in question. In this case, your nameservers listed in the warnings are IPv4 nameservers that host(1) is attempting to connect to using an ipv4 mapped ipv6 address (which by default is disabled in the kernel) In other words, don't use host -6 for this scenario. Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so shouldn't it work with that? It's clearly trying to contact the first and third nameservers listed. If the behavior I'm experiencing is the proper behavior, then let me pose this question: when would anyone conceivably want to use the -6 option, and why does it exist? My intent was to force a query to hit the nameserver on ::1 rather than 127.0.0.1. domain mydomain search mydomain nameserver 127.0.0.1 nameserver ::1 nameserver IP.IP.IP.8 The DNS server running on localhost is authoritative for mydomain. I can ping it via localhost using both v4 and v6, and I can also ping the external v4 and v6 addresses just fine remotely. As I said, I'm new to IPv6, but this behavior seems to be counterintuitive. Am I just doing it wrong? For diagnosing your own nameservers, you are better off using the dig(1) utility. Example: dig ipv6.google.com @::1 This causes a dns query for an IPv6 address (aka query) for the hostname of ipv6.google.com using the nameserver on the IPv6 localhost loopback address (::1), and will give a very nice verbose output. man dig for more details. That is more useful, but still doesn't stifle my desire to stomp a potential bug in the base system. Right after sending, I realized that I did not tell you all of the answer host(1) will successfully query ::1 when named is setup to listen on ::1 in named.conf, and ::1 is listed in /etc/resolv.conf (I just ran a test on my box to be sure that it works this way with the -6 switch) Example line from /etc/namedb/named.conf: listen-on-v6{ ::1; any; }; And of course you need to restart named after the config change( /etc/rc.d/named restart) To make sure that it is listening on the IPv6 loopback address: netstat -anW -f inet6 I do not remember the minimum version of bind (aka named) required for IPv6 off the top of my head, but I am running 9.4.2-P2 on my IPv6 machine. All of the conditions for success are true, however it fails. My DNS server software is responsing on ::1 port 53 (tcp and udp), and ::1 is the second nameserver listed in resolv.conf. Still, host -6 fails as previously stated... According to what you've said so far, this leads me to believe that it ought to work as expected, and not error out in the way I'm seeing. Am I missing something here? Is my lack of general IPv6 knowledge causing me to blindly assume something incorrectly? If all of the conditions for success were true, you would *not* be having a problem. You are likely missing something simple. I suggest that you read about about general IPv6 network troubleshooting, and bind. The handbook has some good information here: http://www.freebsd.org/doc/en/books/handbook/network-dns.html http://www.freebsd.org/doc/en/books/handbook/network-ipv6.html http://www.freebsd.org/doc/en/books/developers-handbook/ipv6.html You have yet to provide any new diagnostic output. What was the result of: netstat -anW -f inet6 dig ipv6.google.com @::1 named -version Do not get hung up on the output of host(1) without trying to diagnose the root problem (your nameserver working properly on ipv6). Once you fix the root problem, the other problems will go away. If in doubt, run a tcpdump or wireshark trace, and make sure that your firewall is not getting in the way. -_Dave Thanks, Matt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: host -6 failure
On Sat, Nov 8, 2008 at 7:55 PM, mdh [EMAIL PROTECTED] wrote: --- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 7:25 PM On Fri, Nov 7, 2008 at 2:18 PM, mdh [EMAIL PROTECTED] wrote: Howdy folks, I'm having a little trouble understanding a problem that the `host` command in RELENG_7_0 (very recent) is having. This is by and large my first time working with IPv6, which I've been meaning to learn for some time. First off, I've got my zone file configured to return a record for x1.mydomain and named isn't complaining. However, when I run `host -6 x1.mydomain`, host returns the following output: ([EMAIL PROTECTED]) [/etc/namedb]: host -6 x1.mydomain /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::127.0.0.1#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::IP.IP.IP.8#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::127.0.0.1#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::IP.IP.IP.8#53: Invalid argument ;; connection timed out; no servers could be reached The '-6' on the command line for host(1) forces an IPv6 only connection to your nameserver, not necessarily a query for the hostname in question. In this case, your nameservers listed in the warnings are IPv4 nameservers that host(1) is attempting to connect to using an ipv4 mapped ipv6 address (which by default is disabled in the kernel) In other words, don't use host -6 for this scenario. Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so shouldn't it work with that? It's clearly trying to contact the first and third nameservers listed. If the behavior I'm experiencing is the proper behavior, then let me pose this question: when would anyone conceivably want to use the -6 option, and why does it exist? My intent was to force a query to hit the nameserver on ::1 rather than 127.0.0.1. Most recent versions of the host(1) command will do both A (IPv4 host record), and (IPv6 host record) lookups for you automatically. For example: host www.kame.net www.kame.net has address 203.178.141.194 www.kame.net has IPv6 address 2001:200:0:8002:203:47ff:fea5:3085 IP.IP.IP.8 is my ISP's DNS server, and is a third option just in case the localhost DNS server crashes or goes batty while I'm out drinking or somesuch. Here's my resolv.conf, which shows ::1 listed as the second nameserver entry - however, it seems host -6 never even tries it. domain mydomain search mydomain nameserver 127.0.0.1 nameserver ::1 nameserver IP.IP.IP.8 The DNS server running on localhost is authoritative for mydomain. I can ping it via localhost using both v4 and v6, and I can also ping the external v4 and v6 addresses just fine remotely. As I said, I'm new to IPv6, but this behavior seems to be counterintuitive. Am I just doing it wrong? For diagnosing your own nameservers, you are better off using the dig(1) utility. Example: dig ipv6.google.com @::1 This causes a dns query for an IPv6 address (aka query) for the hostname of ipv6.google.com using the nameserver on the IPv6 localhost loopback address (::1), and will give a very nice verbose output. man dig for more details. That is more useful, but still doesn't stifle my desire to stomp a potential bug in the base system. Right after sending, I realized that I did not tell you all of the answer host(1) will successfully query ::1 when named is setup to listen on ::1 in named.conf, and ::1 is listed in /etc/resolv.conf (I just ran a test on my box to be sure that it works this way with the -6 switch) Example line from /etc/namedb/named.conf: listen-on-v6{ ::1; any; }; And of course you need to restart named after the config change( /etc/rc.d/named restart) To make sure that it is listening on the IPv6 loopback address: netstat -anW -f inet6 I do not remember the minimum version of bind (aka named) required for IPv6 off the top of my head, but I am running 9.4.2-P2 on my IPv6 machine. -_Dave Good Luck. BTW, if you have not already setup an IPv6 tunnel to the internet, I highly recommend SixXS's (www.sixxs.net) free tunnels (and the sixxs-aiccu port), or you can look at Hurricane Electric (www.he.net), and some other tunnel brokers as well. Actually this system is located at HE. :) Thanks, - mdh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL
Re: host -6 failure
On Fri, Nov 7, 2008 at 2:18 PM, mdh [EMAIL PROTECTED] wrote: Howdy folks, I'm having a little trouble understanding a problem that the `host` command in RELENG_7_0 (very recent) is having. This is by and large my first time working with IPv6, which I've been meaning to learn for some time. First off, I've got my zone file configured to return a record for x1.mydomain and named isn't complaining. However, when I run `host -6 x1.mydomain`, host returns the following output: ([EMAIL PROTECTED]) [/etc/namedb]: host -6 x1.mydomain /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::127.0.0.1#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::IP.IP.IP.8#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::127.0.0.1#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::IP.IP.IP.8#53: Invalid argument ;; connection timed out; no servers could be reached The '-6' on the command line for host(1) forces an IPv6 only connection to your nameserver, not necessarily a query for the hostname in question. In this case, your nameservers listed in the warnings are IPv4 nameservers that host(1) is attempting to connect to using an ipv4 mapped ipv6 address (which by default is disabled in the kernel) In other words, don't use host -6 for this scenario. Most recent versions of the host(1) command will do both A (IPv4 host record), and (IPv6 host record) lookups for you automatically. For example: host www.kame.net www.kame.net has address 203.178.141.194 www.kame.net has IPv6 address 2001:200:0:8002:203:47ff:fea5:3085 IP.IP.IP.8 is my ISP's DNS server, and is a third option just in case the localhost DNS server crashes or goes batty while I'm out drinking or somesuch. Here's my resolv.conf, which shows ::1 listed as the second nameserver entry - however, it seems host -6 never even tries it. domain mydomain search mydomain nameserver 127.0.0.1 nameserver ::1 nameserver IP.IP.IP.8 The DNS server running on localhost is authoritative for mydomain. I can ping it via localhost using both v4 and v6, and I can also ping the external v4 and v6 addresses just fine remotely. As I said, I'm new to IPv6, but this behavior seems to be counterintuitive. Am I just doing it wrong? For diagnosing your own nameservers, you are better off using the dig(1) utility. Example: dig ipv6.google.com @::1 This causes a dns query for an IPv6 address (aka query) for the hostname of ipv6.google.com using the nameserver on the IPv6 localhost loopback address (::1), and will give a very nice verbose output. man dig for more details. Good Luck. BTW, if you have not already setup an IPv6 tunnel to the internet, I highly recommend SixXS's (www.sixxs.net) free tunnels (and the sixxs-aiccu port), or you can look at Hurricane Electric (www.he.net), and some other tunnel brokers as well. -_Dave Thanks, Matt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: host -6 failure
--- On Sat, 11/8/08, David Horn [EMAIL PROTECTED] wrote: From: David Horn [EMAIL PROTECTED] Subject: Re: host -6 failure To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Date: Saturday, November 8, 2008, 7:25 PM On Fri, Nov 7, 2008 at 2:18 PM, mdh [EMAIL PROTECTED] wrote: Howdy folks, I'm having a little trouble understanding a problem that the `host` command in RELENG_7_0 (very recent) is having. This is by and large my first time working with IPv6, which I've been meaning to learn for some time. First off, I've got my zone file configured to return a record for x1.mydomain and named isn't complaining. However, when I run `host -6 x1.mydomain`, host returns the following output: ([EMAIL PROTECTED]) [/etc/namedb]: host -6 x1.mydomain /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::127.0.0.1#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::IP.IP.IP.8#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::127.0.0.1#53: Invalid argument /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179: internal_send: :::IP.IP.IP.8#53: Invalid argument ;; connection timed out; no servers could be reached The '-6' on the command line for host(1) forces an IPv6 only connection to your nameserver, not necessarily a query for the hostname in question. In this case, your nameservers listed in the warnings are IPv4 nameservers that host(1) is attempting to connect to using an ipv4 mapped ipv6 address (which by default is disabled in the kernel) In other words, don't use host -6 for this scenario. Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so shouldn't it work with that? It's clearly trying to contact the first and third nameservers listed. If the behavior I'm experiencing is the proper behavior, then let me pose this question: when would anyone conceivably want to use the -6 option, and why does it exist? My intent was to force a query to hit the nameserver on ::1 rather than 127.0.0.1. Most recent versions of the host(1) command will do both A (IPv4 host record), and (IPv6 host record) lookups for you automatically. For example: host www.kame.net www.kame.net has address 203.178.141.194 www.kame.net has IPv6 address 2001:200:0:8002:203:47ff:fea5:3085 IP.IP.IP.8 is my ISP's DNS server, and is a third option just in case the localhost DNS server crashes or goes batty while I'm out drinking or somesuch. Here's my resolv.conf, which shows ::1 listed as the second nameserver entry - however, it seems host -6 never even tries it. domain mydomain search mydomain nameserver 127.0.0.1 nameserver ::1 nameserver IP.IP.IP.8 The DNS server running on localhost is authoritative for mydomain. I can ping it via localhost using both v4 and v6, and I can also ping the external v4 and v6 addresses just fine remotely. As I said, I'm new to IPv6, but this behavior seems to be counterintuitive. Am I just doing it wrong? For diagnosing your own nameservers, you are better off using the dig(1) utility. Example: dig ipv6.google.com @::1 This causes a dns query for an IPv6 address (aka query) for the hostname of ipv6.google.com using the nameserver on the IPv6 localhost loopback address (::1), and will give a very nice verbose output. man dig for more details. That is more useful, but still doesn't stifle my desire to stomp a potential bug in the base system. Good Luck. BTW, if you have not already setup an IPv6 tunnel to the internet, I highly recommend SixXS's (www.sixxs.net) free tunnels (and the sixxs-aiccu port), or you can look at Hurricane Electric (www.he.net), and some other tunnel brokers as well. Actually this system is located at HE. :) Thanks, - mdh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]