BIND trying to use IPv6 for recursion

2012-01-13 Thread Ian Pilcher 
I am a relative newbie to running BIND in "production".  I have recently
set up BIND 9.7 (on CentOS 6.2) as the nameserver for my home network.
I am using Google's public DNS servers (8.8.8.8 and 8.8.4.4 as my
forwarders).

My ISP does not support IPv6, and none of the network interfaces on the
server has an IPv6 address (including the loopback interface).  Despite
this, BIND appears to be trying to use IPv6 to communicate with other
nameservers.  My log is filling with messages like:

error (network unreachable) resolving 'www.isc.org/A/IN':
2001:4f8:0:2::19#53

2001:4f8:0:2::19 is sfba.sns-pb.isc.org, which is one of the nameservers
for the isc.org zone.

I've tried Googling and looked through the ARM, but I haven't found any
way to change this behavior.

Hints appreciated.  Thanks!

-- 

Ian Pilcher arequip...@gmail.com
"If you're going to shift my paradigm ... at least buy me dinner first."


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: BIND trying to use IPv6 for recursion

2012-01-13 Thread Bill Owens 
On Fri, Jan 13, 2012 at 11:20:39AM -0600, Ian Pilcher wrote:
> I am a relative newbie to running BIND in "production".  I have recently
> set up BIND 9.7 (on CentOS 6.2) as the nameserver for my home network.
> I am using Google's public DNS servers (8.8.8.8 and 8.8.4.4 as my
> forwarders).
> 
> My ISP does not support IPv6, and none of the network interfaces on the
> server has an IPv6 address (including the loopback interface).  Despite
> this, BIND appears to be trying to use IPv6 to communicate with other
> nameservers.  My log is filling with messages like:

I'm not familiar with CentOS, but I would be surprised to hear that any modern 
Linux distro didn't have IPv6 enabled by default; you should see at least 
link-local addresses on your active interfaces (address family inet6, beginning 
with fe80::) I'm only pointing that out because if you're *not* seeing those, 
it is possible that the tool you're using to look for IPv6 isn't working 
correctly.

If you're actually ahead of that point and really saying that none of your 
interfaces have *global* IPv6 interfaces, then the only other thing I could 
suggest is looking to make sure you don't have a tunnel interface for 6to4; I 
don't think that would be enabled by default, though. 

Bill.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: BIND trying to use IPv6 for recursion

2012-01-13 Thread Ian Pilcher 
On 01/13/2012 11:50 AM, Bill Owens wrote:
> I'm not familiar with CentOS, but I would be surprised to hear that any 
> modern Linux distro didn't have IPv6 enabled by default; you should see at 
> least link-local addresses on your active interfaces (address family inet6, 
> beginning with fe80::) I'm only pointing that out because if you're *not* 
> seeing those, it is possible that the tool you're using to look for IPv6 
> isn't working correctly.
> 
> If you're actually ahead of that point and really saying that none of your 
> interfaces have *global* IPv6 interfaces, then the only other thing I could 
> suggest is looking to make sure you don't have a tunnel interface for 6to4; I 
> don't think that would be enabled by default, though. 

I've specifically disabled all IPv6 addresses by setting

  net.ipv6.conf.all.disable_ipv6 = 1

in /etc/sysctl.conf.

Here is the output of ifconfig -a:

eth0  Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:11646099 errors:0 dropped:0 overruns:0 frame:0
  TX packets:12036575 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000
  RX bytes:3309972864 (3.0 GiB)  TX bytes:413719638 (394.5 MiB)
  Interrupt:18 Base address:0x6000

eth0.1Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  inet addr:172.31.1.254  Bcast:172.31.1.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:1 errors:0 dropped:0 overruns:0 frame:0
  TX packets:24846 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:42 (42.0 b)  TX bytes:6822472 (6.5 MiB)

eth0.4Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  inet addr:172.31.4.254  Bcast:172.31.4.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:2811 errors:0 dropped:0 overruns:0 frame:0
  TX packets:25330 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:387927 (378.8 KiB)  TX bytes:6842944 (6.5 MiB)

eth0.250  Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  inet addr:172.31.250.254  Bcast:172.31.250.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:3554107 errors:0 dropped:0 overruns:0 frame:0
  TX packets:5217588 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:391721413 (373.5 MiB)  TX bytes:2146319157 (1.9 GiB)

eth0.251  Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  inet addr:172.31.251.254  Bcast:172.31.251.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:778516 errors:0 dropped:0 overruns:0 frame:0
  TX packets:745701 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:166482724 (158.7 MiB)  TX bytes:170442196 (162.5 MiB)

eth0.252  Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  inet addr:172.31.252.254  Bcast:172.31.252.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:3365 errors:0 dropped:0 overruns:0 frame:0
  TX packets:29609 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:216141 (211.0 KiB)  TX bytes:13769389 (13.1 MiB)

eth0.253  Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  inet addr:172.31.253.254  Bcast:172.31.253.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:979426 errors:0 dropped:0 overruns:0 frame:0
  TX packets:1562642 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:85292751 (81.3 MiB)  TX bytes:1766913359 (1.6 GiB)

eth0.254  Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  inet addr:172.31.254.254  Bcast:172.31.254.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  TX packets:24846 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:0 (0.0 b)  TX bytes:6870228 (6.5 MiB)

eth0.255  Link encap:Ethernet  HWaddr 00:1D:92:E0:1F:CA
  inet addr:172.31.255.1  Bcast:172.31.255.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:6327801 errors:0 dropped:0 overruns:0 frame:0
  TX packets:4406015 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:2502811591 (2.3 GiB)  TX bytes:590708249 (563.3 MiB)

loLink encap:Local Loopback
  inet addr:127.0.0.1  Mask:255.0.0.0
  UP LOOPBACK RUNNING  MTU:16436  Metric:1
  RX packets:4396 errors:0 dropped:0 overruns:0 frame:0
  TX packets:4396 errors:0 dropped:0 overru

SOLVED: BIND trying to use IPv6 for recursion

2012-01-13 Thread Ian Pilcher 
On 01/13/2012 11:20 AM, Ian Pilcher wrote:
> My ISP does not support IPv6, and none of the network interfaces on the
> server has an IPv6 address (including the loopback interface).  Despite
> this, BIND appears to be trying to use IPv6 to communicate with other
> nameservers.

I finally stumbled on search terms that led me to the answer, which is
to start named with the "-4" option.

Silly me for thinking this would be in the configuration file.  :-(

-- 

Ian Pilcher arequip...@gmail.com
"If you're going to shift my paradigm ... at least buy me dinner first."


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: BIND trying to use IPv6 for recursion

2012-01-13 Thread Eric Kom 
Good day,

configure /etc/default/bind9  file like:

OPTIONS="-4 -u bind"

-4 for IPv4. Bind was confusing between IPv4 and IPv6.



On 13/01/2012 19:20, Ian Pilcher wrote:
> I am a relative newbie to running BIND in "production".  I have recently
> set up BIND 9.7 (on CentOS 6.2) as the nameserver for my home network.
> I am using Google's public DNS servers (8.8.8.8 and 8.8.4.4 as my
> forwarders).
>
> My ISP does not support IPv6, and none of the network interfaces on the
> server has an IPv6 address (including the loopback interface).  Despite
> this, BIND appears to be trying to use IPv6 to communicate with other
> nameservers.  My log is filling with messages like:
>
> error (network unreachable) resolving 'www.isc.org/A/IN':
> 2001:4f8:0:2::19#53
>
> 2001:4f8:0:2::19 is sfba.sns-pb.isc.org, which is one of the nameservers
> for the isc.org zone.
>
> I've tried Googling and looked through the ARM, but I haven't found any
> way to change this behavior.
>
> Hints appreciated.  Thanks!
>


-- 
--
You Truly

Eric Kom

System Administrator - Metropolitan College
 _
/ You are scrupulously honest, frank, and \
| straightforward. Therefore you have few |
\ friends./
 -
   \
\
.--.
   |o_o |
   |:_/ |
  //   \ \
 (| Kom | )
/'\_   _/`\
\___)=(___/

2 Hennie Van Till, White River, 1240
Tel: 013 750 2255 | Fax: 013 750 0105 | Cell: 078 879 1334
eric...@kom.za.net | eric...@namekom.co.za | eric...@erickom.co.za
www.kom.za.net | www.kom.za.org | www.erickom.co.za

Key fingerprint: 513E E91A C243 3020 8735 09BB 2DBC 5AD7 A9DA 1EF5

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users