Your message dated Sun, 13 May 2007 21:35:36 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Configuration issue
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: bind9
Version: 1:9.2.4-1
Severity: normal
At the moment our server bind9 server is trying to do some name
resolving over IPv6. This fails, and I think this leads to a very
verbose log, with lines like:
Jun 5 07:23:13 sd01 kernel: ICMPv6 NA: ndisc_send_ns() failed to
allocate an skb.
While the above line looks more like a kernel bug, from my observations it
seems fairly likely that it is being triggered via binds behaviour.
Most of the bind lookups are occuring over IPv4, and are correctly
resolving. I don't have any stats about how many are being attempted
over IPv6. I assume when the IPv6 lookups fail, bind9 retries over IPv4.
I'm sure that it isn't attempting IPv6 for all lookups though, as I
believe I would have noticed the performance hit.
The server has the following addresses assigned:
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:30:48:70:f3:70 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.103/24 brd 192.168.1.255 scope global eth0
inet6 fe80::230:48ff:fe70:f370/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:30:48:70:f3:71 brd ff:ff:ff:ff:ff:ff
inet 192.168.13.1/24 brd 192.168.13.255 scope global eth1
inet6 fe80::230:48ff:fe70:f371/64 scope link
valid_lft forever preferred_lft forever
Is there some way of turning off support for IPv6 in bind9, or even the
entire OS? It seemed from some packet sniffing it was attempting to
query 2001:620::5. I don't know how it got this IPv6 address.
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686-smp
Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1)
Versions of packages bind9 depends on:
ii adduser 3.63 Add and remove users and groups
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libdns16 1:9.2.4-1 DNS Shared Library used by BIND
ii libisc7 1:9.2.4-1 ISC Shared Library used by BIND
ii libisccc0 1:9.2.4-1 Command Channel Library used by BI
ii libisccfg0 1:9.2.4-1 Config File Handling Library used
ii liblwres1 1:9.2.4-1 Lightweight Resolver Library used
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii netbase 4.21 Basic TCP/IP networking system
-- no debconf information
--- End Message ---
--- Begin Message ---
You can change the OPTIONS line in /etc/default/bind9 to this:
OPTIONS="-4 -u bind
Or you can blacklist the ipv6 module. A solution through named.conf
should be able as well, but it might be more involved.
--- End Message ---
