Re: Bug#69067: DNS problems withe firewall
On Sun, Aug 13, 2000 at 03:11:33PM -0600, Jason Gunthorpe wrote:
>
> On Sun, 13 Aug 2000, Elad Tsur wrote:
>
> > Recently this host (tsur4.tau.ac.il) is behind a NAT/firewall/proxy
> > (WinRoute Pro). the DNS server was changed to be the proxy, and everything
> > worked fine, except for apt-get which could not find the DNS names in the
> > URLs at /etc/apt/sources.list. The problem disappeared when I changed the
> > hostnames to numeric IPs.
>
> The 'dns server' (and I use that term loosely) in WinRoute Pro is probably
> considerably buggy.. I have reported a glibc bug in this area that causes
> slow DNS lookups in some situations which may be worsening your problem.
>
> Jason
Hello,
I investigated the problem, and found that the problem is that the WinRoute
DNS server does not support IPv6 adresses at all. It causes a similar
problem in SSH, that can be solved only currently with the -4 switch that
forces IPv4 only (and which should be the default according to SSH's
changelog). It might be that apt-get suffers from the same problem, that is
doing IPv6 name searches before IPv4. The best solution would be to add an
option to do IPv4 only, perhaps in some config file. Since IPv6 is rarely
used (I have yet to actually see it working anywhere), IPv4 only should
probably be the default.
Thanks!
Elad Tsur
Reply to: