Re: AW: AW: AW: AW: [squid-users] Re: dns_v4_first on ignored? from Amos Jeffries on 2013-02-12 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 12 Feb 2013 22:53:44 +1300

On 12/02/2013 8:41 p.m., Sandrini Christian (xsnd) wrote:
> Hi
>
> I have now enabled ipv6
>
> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
> link/ether 00:50:56:a6:07:27 brd ff:ff:ff:ff:ff:ff
> inet 160.85.104.14/24 brd 160.85.104.255 scope global eth1
> inet6 fe80::250:56ff:fea6:727/64 scope link
> valid_lft forever preferred_lft forever
>
> When I dig for AAAA record to ipv6.idrobot.net I don't get a timeout
>
> dig AAAA ipv6.idrobot.net
>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 <<>> AAAA ipv6.idrobot.net
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34596
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;ipv6.idrobot.net. IN AAAA
>
> ;; AUTHORITY SECTION:
> net. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1360654692 1800 900 604800 86400
>
> ;; Query time: 17 msec
> ;; SERVER: 160.85.192.100#53(160.85.192.100)
> ;; WHEN: Tue Feb 12 08:38:40 2013
> ;; MSG SIZE rcvd: 107
>
> When I dig for AAAA record to www2.zhlex.zh.ch I get one
>
> dig AAAA www2.zhlex.zh.ch
>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 <<>> AAAA www2.zhlex.zh.ch
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
>
>
> Do you have the same timout as well with that host and ipv6 running? This is a domain which is queried a lot.

Yes. I traced it through three CNAME redirections to a pair of DNS
servers which do not respond to any AAAA queries.

# dig AAAA zhcompublicweb1.subd.djiktzh.ch @lc1.djiktzh.ch

; <<>> DiG 9.3.6-P1 <<>> AAAA zhcompublicweb1.subd.djiktzh.ch
@lc1.djiktzh.ch
;; global options: printcmd
;; connection timed out; no servers could be reached

# dig AAAA zhcompublicweb1.subd.djiktzh.ch @lc2.djiktzh.ch

; <<>> DiG 9.3.6-P1 <<>> AAAA zhcompublicweb1.subd.djiktzh.ch
@lc2.djiktzh.ch
;; global options: printcmd
;; connection timed out; no servers could be reached

Those DNS servers lc1.djiktzh.ch and lc2.djiktzh.ch are broken.

Amos
Received on Tue Feb 12 2013 - 09:53:51 MST

This archive was generated by hypermail 2.2.0 : Tue Feb 12 2013 - 12:00:05 MST