host -6 failure

mdh mdh_lists at yahoo.com
Sat Nov 8 16:55:20 PST 2008 

--- On Sat, 11/8/08, David Horn <dhorn2000 at gmail.com> wrote:
> From: David Horn <dhorn2000 at gmail.com>
> Subject: Re: host -6 failure
> To: mdh_lists at yahoo.com
> Cc: freebsd-questions at freebsd.org
> Date: Saturday, November 8, 2008, 7:25 PM
> On Fri, Nov 7, 2008 at 2:18 PM, mdh
> <mdh_lists at yahoo.com> wrote:
> > Howdy folks,
> > I'm having a little trouble understanding a
> problem that the `host` command in RELENG_7_0 (very recent)
> is having.  This is by and large my first time working with
> IPv6, which I've been meaning to learn for some time. 
> First off, I've got my zone file configured to return a
> AAAA record for x1.mydomain and named isn't complaining.
>  However, when I run `host -6 x1.mydomain`, host returns the
> following output:
> >
> > (root at rapier) [/etc/namedb]: host -6 x1.mydomain
> >
> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179:
> internal_send: ::ffff:127.0.0.1#53: Invalid argument
> >
> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179:
> internal_send: ::ffff:IP.IP.IP.8#53: Invalid argument
> >
> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179:
> internal_send: ::ffff:127.0.0.1#53: Invalid argument
> >
> /usr/src/lib/bind/isc/../../../contrib/bind9/lib/isc/unix/socket.c:1179:
> internal_send: ::ffff:IP.IP.IP.8#53: Invalid argument
> > ;; connection timed out; no servers could be reached
> 
> The '-6' on the command line for host(1) forces an
> IPv6 only
> connection to your nameserver, not necessarily a
> "AAAA" query for the
> hostname in question.  In this case, your nameservers
> listed in the
> warnings are IPv4 nameservers that host(1) is attempting to
> connect to
> using an ipv4 mapped ipv6 address (which by default is
> disabled in the
> kernel) In other words, don't use host -6 for this
> scenario.

Yet as I pointed out, the second nameserver in my resolv.conf is ::1 - so shouldn't it work with that?  It's clearly trying to contact the first and third nameservers listed.  If the behavior I'm experiencing is the proper behavior, then let me pose this question: when would anyone conceivably want to use the -6 option, and why does it exist?  My intent was to force a query to hit the nameserver on ::1 rather than 127.0.0.1.  

> 
> Most recent versions of the host(1) command will do both
> "A" (IPv4
> host record), and "AAAA" (IPv6 host record)
> lookups for you
> automatically.  For example:
> 
>  host www.kame.net
> www.kame.net has address 203.178.141.194
> www.kame.net has IPv6 address
> 2001:200:0:8002:203:47ff:fea5:3085
> 
> >
> > IP.IP.IP.8 is my ISP's DNS server, and is a third
> option just in case the localhost DNS server crashes or goes
> batty while I'm out drinking or somesuch.  Here's my
> resolv.conf, which shows ::1 listed as the second nameserver
> entry - however, it seems host -6 never even tries it.
> >
> > domain          mydomain
> > search          mydomain
> > nameserver      127.0.0.1
> > nameserver      ::1
> > nameserver      IP.IP.IP.8
> >
> > The DNS server running on localhost is authoritative
> for mydomain.  I can ping it via localhost using both v4 and
> v6, and I can also ping the external v4 and v6 addresses
> just fine remotely.
> >
> > As I said, I'm new to IPv6, but this behavior
> seems to be counterintuitive.  Am I just doing it wrong?
> >
> 
> For diagnosing your own nameservers, you are better off
> using the
> dig(1) utility.
> 
> Example:
> 
>  dig ipv6.google.com AAAA @::1
> 
> This causes a dns query for an IPv6 address (aka
> "AAAA" query) for the
> hostname of "ipv6.google.com" using the
> nameserver on the IPv6
> localhost loopback address (::1), and will give a very nice
> verbose
> output.  man dig for more details.

That is more useful, but still doesn't stifle my desire to stomp a potential bug in the base system.  

> 
> Good Luck.
> 
> BTW, if you have not already setup an IPv6 tunnel to the
> internet, I
> highly recommend SixXS's (www.sixxs.net) free tunnels
> (and the
> sixxs-aiccu port), or you can look at Hurricane Electric
> (www.he.net),
> and some other tunnel brokers as well.

Actually this system is located at HE.  :)

Thanks,
- mdh

More information about the freebsd-questions mailing list