[Bug 1584042] [NEW] IPV6 resolving fails via udp (not tcp) from other server

Fri, 20 May 2016 06:06:56 -0700 

Public bug reported:


Hi,

On a client server, I can't get a response from a name server in ipv6+udp. On 
the same server, it works fine in tcp.
If I log on my name server, I can get a response from himself but, as a client, 
it can't get a response from another name server.

here are the steps to reproduce : 
- Create a new server using Ubuntu server 16.04. Set it to use ipv4 and use 
your preferred name server. Select absolutely nothing as functionality. 
- check some nslookup and apt-get stuff to verify network is OK
- add ipv6 to the interface and refer to an IPV6 nameserver. I have 3 and thats 
why I noticed the problem >> All 3 ipv6 nameservers are filling the 3 places in 
resolv.conf.
- if you don't have 3 ipv6 nameservers, just add one and comment the line with 
the ipv4 name server.
- verify your resolv.conf. Should only content ipv6 reference.
- Now, you can't nslookup anymore... 
- add some tests : "dig @ipv4server google.com" works but "dig @ipv6server 
google.com" don't


Here a more tests : 


Nameserver1 : Nameserver1.MyDomain :  XXX.YYY.ZZZ.250 / xxxx:yyyy:zzzz::250
Client          StandAloneServer.MyDomain               :   XXX.YYY.ZZZ.209 / 
xxxx:yyyy:zzzz::209

With IPV4


# dig @XXX.YYY.ZZZ.226 www.google.fr

/var/log/named/queries.log on Nameserver1:
20-May-2016 12:25:02.834 queries: info: client XXX.YYY.ZZZ.209#35116 
(www.google.fr): query: www.google.fr IN A +E (XXX.YYY.ZZZ.226)

Tcp Dump on Nameserver1:
12:25:02.834092 IP StandAloneServer.MyDomain.35116 > 
Nameserver1.MyDomain.domain: 62949+ [1au] A? www.google.fr. (42)
12:25:02.834395 IP Nameserver1.MyDomain.domain > 
StandAloneServer.MyDomain.35116: 62949 1/4/5 A 216.58.210.195 (204)

Tcp Dump on Client
12:25:02.668200 IP StandAloneServer.MyDomain.35116 > 
Nameserver1.MyDomain.domain: 62949+ [1au] A? www.google.fr. (42)
12:25:02.669573 IP Nameserver1.MyDomain.domain > 
StandAloneServer.MyDomain.35116: 62949 1/4/5 A 216.58.210.195 (204)


RESULT:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> @XXX.YYY.ZZZ.226 www.google.fr
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49591
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.fr.                 IN      A
;; ANSWER SECTION:
www.google.fr.          300     IN      A       216.58.210.195
;; AUTHORITY SECTION:
google.fr.              171625  IN      NS      ns1.google.com.
[TRUNCATED]


WITH IPV6
# dig @xxxx:yyyy:zzzz::226 www.google.fr 

NOTE  : I only asked once, it created 3 queries with 5 secs d’intervalle
environ

/var/log/named/queries.log on Nameserver1:
20-May-2016 12:32:34.902 queries: info: client xxxx:yyyy:zzzz::209#35362 
(www.google.fr): query: www.google.fr IN A +E (xxxx:yyyy:zzzz::226)
20-May-2016 12:32:39.902 queries: info: client xxxx:yyyy:zzzz::209#35362 
(www.google.fr): query: www.google.fr IN A +E (xxxx:yyyy:zzzz::226)
20-May-2016 12:32:44.902 queries: info: client xxxx:yyyy:zzzz::209#35362 
(www.google.fr): query: www.google.fr IN A +E (xxxx:yyyy:zzzz::226)

Tcp Dump on Nameserver1:
12:32:34.902598 IP6 StandAloneServer.MyDomain.35362 > 
Nameserver1.MyDomain.domain: 23393+ [1au] A? www.google.fr. (42)
12:32:34.902994 IP6 Nameserver1.MyDomain.domain > 
StandAloneServer.MyDomain.35362: 23393 1/4/5 A 216.58.210.195 (204)
…
12:32:39.902644 IP6 StandAloneServer.MyDomain.35362 > 
Nameserver1.MyDomain.domain: 23393+ [1au] A? www.google.fr. (42)
12:32:39.902975 IP6 Nameserver1.MyDomain.domain > 
StandAloneServer.MyDomain.35362: 23393 1/4/5 A 216.58.210.195 (204)
…
12:32:39.902644 IP6 StandAloneServer.MyDomain.35362 > 
Nameserver1.MyDomain.domain: 23393+ [1au] A? www.google.fr. (42)
12:32:39.902975 IP6 Nameserver1.MyDomain.domain > 
StandAloneServer.MyDomain.35362: 23393 1/4/5 A 216.58.210.195 (204)


Tcp Dump on Client12:32:34.725312 IP6 StandAloneServer.MyDomain.35362 > 
Nameserver1.MyDomain.domain: 23393+ [1au] A? www.google.fr. (42)
12:32:34.726036 IP6 Nameserver1.MyDomain.domain > 
StandAloneServer.MyDomain.35362: 23393 1/4/5 A 216.58.210.195 (204)
…
12:32:39.725199 IP6 StandAloneServer.MyDomain.35362 > 
Nameserver1.MyDomain.domain: 23393+ [1au] A? www.google.fr. (42)
12:32:39.726045 IP6 Nameserver1.MyDomain.domain > 
StandAloneServer.MyDomain.35362: 23393 1/4/5 A 216.58.210.195 (204)
…
12:32:44.725288 IP6 StandAloneServer.MyDomain.35362 > 
Nameserver1.MyDomain.domain: 23393+ [1au] A? www.google.fr. (42)
12:32:44.725944 IP6 Nameserver1.MyDomain.domain > 
StandAloneServer.MyDomain.35362: 23393 1/4/5 A 216.58.210.195 (204)


RESULT


; <<>> DiG 9.10.3-P4-Ubuntu <<>> @xxxx:yyyy:zzzz::226 www.google.fr
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached


but, if I do the same query with the tcp flag, all is OK : 


# dig +tcp @xxxx:yyyy:zzzz::226 www.google.fr 

; <<>> DiG 9.10.3-P4-Ubuntu <<>> +tcp xxxx:yyyy:zzzz::226 www.google.fr
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41105
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.fr.                 IN      A

;; ANSWER SECTION:
www.google.fr.          300     IN      A       216.58.210.195

** Affects: bind9 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1584042

Title:
  IPV6 resolving fails via udp (not tcp) from other server

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1584042/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to