Bug#296204: libc6: NSS resolving behavior for IPv6 wrong or should be configurable
Package: libc6
Version: 2.3.2.ds1-20
Severity: normal
It appears that if the DNS has an A record for a domain but no AAAA record and
we asked (gethostbyname, getaddrinfo, etc) for an IPv6 address, the resolver
is not satisfied and continues to resolve the name using other domains from
the search list in resolv.conf or the name alone.
For example suppose that /etc/resolv.conf includes the following domain search
list:
search foo.com bar.org
Now if I ask to resolve "somehost" for an IPv6 address and that the DNS has an
A record for somehost.foo.com, but no AAAA record, then the following happens:
1. The resolver asks the DNS for an AAAA record for domain somehost.foo.com
and the DNS replies that it has no such record, but the domain is known.
2. The resolver asks the DNS for an AAAA record for domain somehost.bar.org
and the DNS replies that it has no such record and that the domain is not
known (NXDOMAIN).
3. The resolver asks the DNS for a recursive search of an AAAA record for
domain somehost. and then the DNS performs the search (and hopefully fails).
While this behavior could have its legitimate explanation (we would like to
completely separate the IPv4 and IPv6 resolution spaces), I think that the
behavior should be configurable. I would like to be able to make resolutions
for AAAA records stop as soon as an A record (but no AAAA record) exists for
the given domain ("yes somehost exists, but has no associated IPv6 address").
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.9
Locale: LANG=C, LC_CTYPE=fr_FR@euro (charmap=ISO-8859-15)
Versions of packages libc6 depends on:
ii libdb1-compat 2.1.3-7 The Berkeley database routines [gl
-- no debconf information
--
Sex on TV doesn't hurt....unless you fall off.
Reply to: