Re: Weird DNS Problem, Timeouts ipv6?
This is a discussion on Re: Weird DNS Problem, Timeouts ipv6? within the comp.unix.bsd.openbsd.misc forums, part of the OpenBSD category; --> Cory Albrecht (coryalbrecht+-news+AEA-hotmail.com) wrote: +AD4- Helmut Schneider wrote: +AD4APg- Cory Albrecht (coryalbrecht+newAQA-hotmail.com) wrote: +AD4APgA+- Helmut Schneider wrote: +AD4APgA+AD4- Michael ...
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-16-2008, 07:48 AM
| ||||
| ||||
 Re: Weird DNS Problem, Timeouts ipv6? Cory Albrecht (coryalbrecht+-news+AEA-hotmail.com) wrote: +AD4- Helmut Schneider wrote: +AD4APg- Cory Albrecht (coryalbrecht+newAQA-hotmail.com) wrote: +AD4APgA+- Helmut Schneider wrote: +AD4APgA+AD4- Michael Dombrowski +ADw-legodudenein+AEA-hammycorp.com+AD4- wrote: +AD4APgA+AD4APg- This leads me to think there is some ipv6 problem... I haven't +AD4APgA+AD4APg- touched the network settings on this machine and am not doing +AD4APgA+AD4APg- anything with ipv6 on my router/network. Any ideas? This is a really +AD4APgA+AD4APg- aggravating bug. +AD4- +AD4APgA+- This sounds a lot like the typical problem of when system has IPv6 +AD4APgA+- capability but no actual IPv6 network links. The system does a DNS query +AD4APgA+- and gets back an AAAA record for a host and then, because it has no IPv6 +AD4APgA+- link, it times out waiting for a response to an IPv6 connection to the +AD4APgA+- returned address. Could this also be Mr. Dombrowski's problem? +AD4- +AD4APg- Yes. What does the faq say, activate pf and reject anything that sounds +AD4APg- like IPv6? +AD4- +AD4- I can't see how blocking IPv6 with pf would do anything unless it would +AD4- return a no route to host or some other error. I can see it doing +AD4- nothing and the app still waiting for a connection timeout. As Joachim already said, I've never seen such a problem before, too, I only read about it. And if this really is an IPv6-ralated problem pf should solve it using +ACI-set block-policy return+ACI- and +ACI-block inet6 all+ACI-. +AD4- Out of curiosity, anybody involved with OpenBSD kernel development want +AD4- to comment on the feasibility of a sysctl item (call it +AD4- net.inet6.disable) that would effectively disable IPv6 and prevent +AD4- annoying timeouts like this without having to build a new kernel? Or +AD4- maybe just a +ACI-noipv6+ACI- for the options keyword in resolv.conf so IPv6 +AD4- addresses never get returned? I've previously read a posting that removing or crippling IPv6 on OpenBSD would lead to an unexpected behaviour and will probably break IPv4, too. I Don't remember where and as I've never seen such a problem before... -- Please do not feed my mailbox, Swen still does his job well      |
Linear Mode
