Re: ipv6 dns-nameservers

To: basti <mailinglist@unix-solution.de>, debian-user@lists.debian.org
Subject: Re: ipv6 dns-nameservers
From: Mal <malz@jetlan.com>
Date: Thu, 27 Mar 2025 18:25:43 +1030
Message-id: <[🔎] 95ab9146-316a-f851-b69f-adf4e44ec8ea@jetlan.com>
In-reply-to: <[🔎] 804a8264-eba6-4f87-80b5-c8d753245a16@unix-solution.de>
References: <[🔎] 36f45d2c-461d-9396-e6ba-79b0e0f21926@jetlan.com> <[🔎] 804a8264-eba6-4f87-80b5-c8d753245a16@unix-solution.de>

The issue is the missing nameserver target in resolv. I am expecting two in the echo.

Receiving AAAA records over the only nameserver target (v4) works fine as expected - using DIG or ping.

In my configuration no IPv6 nameserver target is present in resolv, hence it will never use IPv6 towards the nameserver. Only a v4 connection.

The functionality of receiving A or AAAA records via v4 or v6 connections works fine (manually via DIG), you can see below.

>
root@debian:/home/user# dig ipv6.com

; <<>> DiG 9.18.33-1~deb12u2-Debian <<>> ipv6.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3975
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 7ac359db9c31c4270100000067e50042891d6c64af1761b2 (good)
;; QUESTION SECTION:
;ipv6.com.                      IN      A

;; ANSWER SECTION:
ipv6.com.               86391   IN      A       198.178.249.201

;; Query time: 0 msec
;; SERVER: 12.34.56.78#53(12.34.56.78) (UDP)

root@debian:/home/user# dig @2xxx:xxxx:x00:1::50 ipv6.com

; <<>> DiG 9.18.33-1~deb12u2-Debian <<>> @2xxx:xxxx:x00:1::50 ipv6.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41670
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 43472f7a7329ef6a0100000067e500398a9fbf9dfc4041e2 (good)
;; QUESTION SECTION:
;ipv6.com.                      IN      A

;; ANSWER SECTION:
ipv6.com.               86400   IN      A       198.178.249.201

;; Query time: 288 msec
;; SERVER: 2xxx:xxxx:x00:1::50#53(2xxx:xxxx:x00:1::50) (UDP)

root@debian:/home/user# dig aaaa ipv6.com

; <<>> DiG 9.18.33-1~deb12u2-Debian <<>> aaaa ipv6.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40945
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 076c2a8c336f64450100000067e5006f34bb754eb4e1bb7e (good)
;; QUESTION SECTION:
;ipv6.com.                      IN      AAAA

;; ANSWER SECTION:
ipv6.com.               86388   IN      AAAA    2602:fa20:1:40::201

;; Query time: 0 msec
;; SERVER: 12.34.56.78#53(12.34.56.78) (UDP)

root@debian:/home/user# dig @2xxx:xxxx:x00:1::50 aaaa ipv6.com

; <<>> DiG 9.18.33-1~deb12u2-Debian <<>> @2xxx:xxxx:x00:1::50 aaaa ipv6.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54730
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 22c5fddc9d2659660100000067e500639d2839256745a712 (good)
;; QUESTION SECTION:
;ipv6.com.                      IN      AAAA

;; ANSWER SECTION:
ipv6.com.               86400   IN      AAAA    2602:fa20:1:40::201

;; Query time: 224 msec
;; SERVER: 2xxx:xxxx:x00:1::50#53(2xxx:xxxx:x00:1::50) (UDP)

root@debian:/home/user#

On 27/03/2025 5:23 pm, basti wrote:

Hello,

first of all the nameservers in /etc/resolv.conf are queried in order.
That means the 2'nd one is only queried when the first one does not answer. Even NXDOMAIN is a valid answer.
So the first one should also return IPv6 over a IPv4 connection.

How do you query the nameserver? dig, 'getent hosts' ... ?

Am 27.03.25 um 05:04 schrieb Mal:

Hello

On Debian 6.1.129-1, I have a static network interface conf (no Netplan)
with both IPv4 & IPv6 addressing and Name-servers set.

root@debian:/home/user# more /etc/network/interfaces
source /etc/network/interfaces.d/*
# The loopback network interface
  auto lo
  iface lo inet loopback

  allow-hotplug enp1s0
  iface enp1s0 inet static
  address 12.34.56.78
  network 12.34.56.0
  netmask 255.255.255.0
  broadcast 12.34.56.255
  gateway 12.34.56.1

  iface enp1s0 inet6 static
  address 2xxx:xxxx:x00:1::50
  netmask 64
  gateway 2xxx:xxxx:x00:1::1
  dns-nameservers 12.34.56.80 2xxx:xxx:x00:1::80

When I query what is set in resolv.conf file, It only returns the IPv4 host.

root@debian:/home/user# more /etc/resolv.conf
nameserver 12.34.56.80

On another older machine (running kernel 4.9.35-v7+) with exactly the
same configuration layout, I get BOTH the IPv4 & IPv6 addresses returned
from resolv.conf

root@another:/home/user# more /etc/resolv.conf
nameserver 12.34.56.80
nameserver 2xxx:xxx:x00:1::80

The IPv6 networking side has no issues - I can ssh over to other
machines via IPv6 with no issues. And the machine is serving v6 web
traffic fine.

Mal

Reply to:

References:
- ipv6 dns-nameservers
  - From: Mal <malz@jetlan.com>
- Re: ipv6 dns-nameservers
  - From: basti <mailinglist@unix-solution.de>

Prev by Date: Re: ipv6 dns-nameservers
Next by Date: Re: Pls help fixing /boot/efi and GRUB
Previous by thread: Re: ipv6 dns-nameservers
Next by thread: Re: ipv6 dns-nameservers
Index(es):
- Date
- Thread