not your regular ipv4/ipv6 dns issue
Hi all,
We are seeing strange delays in dns resolving with apt-get and wget.
Tried various public dns servers (for example google dns, opendns)
I used tcpdump to see what actually happens, and we found out that
apt-get makes two requests for security.debian.org:
standard query A
and
standard query AAAA
But only the first query is answered...
Five seconds later, apt-get asks the same AGAIN, but this time waits for
an answer, and obtains both A and AAAA addresses:
No. Time Source Destination Protocol Info
1 0.000000 192.87.143.xx 8.8.8.8 DNS Standard query A security.debian.org
2 0.000018 192.87.143.xx 8.8.8.8 DNS Standard query AAAA security.debian.org
3 0.025487 8.8.8.8 192.87.143.xx DNS Standard query response A 212.211.132.250 A 212.211.132.32 A 195.20.242.89
4 5.004465 192.87.143.xx 8.8.8.8 DNS Standard query A security.debian.org
5 5.005530 8.8.8.8 192.87.143.xx DNS Standard query response A 212.211.132.250 A 212.211.132.32 A 195.20.242.89
6 5.005601 192.87.143.xx 8.8.8.8. DNS Standard query AAAA security.debian.org
7 5.030211 8.8.8.8 192.87.143.xx DNS Standard query response AAAA 2001:8d8:580:400:6564:a62:0:2 AAAA 2001:a78:5:1:216:35ff:fe7f:6ceb AAAA 2001:a78:5:0:216:35ff:fe7f:be4f
Note: of course security.debian.org has an AAAA record, and my machine
is also 100% ipv6 enabled. (and generally ipv4/ipv6 both work as expected)
We see no delays at all when using 'host' to get the info:
host ftp.nluug.nl
ftp.nluug.nl has address 192.87.102.42
ftp.nluug.nl has address 192.87.102.43
ftp.nluug.nl has IPv6 address 2001:610:1:80aa:192:87:102:43
ftp.nluug.nl has IPv6 address 2001:610:1:80aa:192:87:102:42
root@ws063:~#
If we use 'wget' to download files, we see the same behaviour:
wget http://ftp.nluug.nl/README.nluug
--2013-11-06 13:55:54-- http://ftp.nluug.nl/README.nluug
Resolving ftp.nluug.nl (ftp.nluug.nl)... 192.87.102.43, 192.87.102.42, 2001:610:1:80aa:192:87:102:42, ...
Just the resolving takes 5 seconds, but the result is good: both ipv4
and ipv6 addresses are returned. Downloading goes with normal speed.
Interestingly: When instructing wget to use ipv4 or ipv6, BOTH work quickly.
> wget -6 http://ftp.nluug.nl/README.nluug
or
> wget -4 http://ftp.nluug.nl/README.nluug
work quick.
I have also tried setting ipv6-addresses-only in /etc/resolv.conf, with
exactly the same problems/results.
Can anyone here give me soms tips or clues what could be the problem
here? Really hope someone has a clue...
Regards,
MJ
Reply to: