Misbehavior Against DNS Queries for IPv6 Addresses?
Jeroen Massar
jeroen at unfix.org
Fri Jun 10 10:01:50 CEST 2005
> On Jun 9, 2005, at 9:58 PM, Joshua Ronne Altemoos wrote:
>
> > well AAAA are for ipv6 address. I run a prodcution ipv6 tunnel with
> > bgp on my server via occaid and i never had the problem.
Please, you should assume that most people on this list know the
difference between A and AAAA, next to that most people here run
production IPv6 networks and some of them did encounter this problem, eg
with the bbc nameservers, which got fixed, and quite a number of others.
On Fri, 2005-06-10 at 02:41 -0500, Joseph T. Klein wrote:
> The problem is that if you run sendmail with IPv6 enabled it gets
> a DNS error due to DNS problems on the site that you are trying to
> send mail to, then sendmail endlessly defers the mail.
>
> This is because sendmail looks for a AAAA record before an A record.
> The DNS at the receiving site sends a broken response.
>
> Please - anyone have a fix other than turning off IPv6 on my sendmail,
> which, as far as I can tell, is not the source of the problem.
>
> Read RFC 4074 - I think the problem is explained in that RFC.
The thing here is though, that bind 9.3.1 should not be affected to
this, and as I showed with the version.bind chaos queries they are
running this version.
<SNIP>
> Note how the header opcode returns status: SERVFAIL rather than
> status: NOERROR. This is the same broken behavior as described
> in RFC-4074.
That is correct. But really, the only way you are going to get this
fixed is have them check and maybe upgrade their DNS servers.
Greets,
Jeroen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20050610/d761eab0/attachment.bin
More information about the ipv6-ops
mailing list