[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

IPv6 and IPv4 resolver preference bug?



Hi!

I deployed a test-bed IPv6 on my network some months ago. The last time
I checked it was running, I could "telnet" and "ssh" into other boxes
and check, by using "netstat", that IPv6 connections were being
established, even when both A and AAAA records were defined in the DNS
for the remote host.

Today, however, I have checked again and, what a surprise, it seems the
resolver is acting somewhat strangely. First, it's giving preference to
inet4 sockets over inet6 (telnetting to a host which has both A and AAAA
records defined, establishes an IPv4 connection over TCP), but what's
more, here's what "tcpdump" displays:

15:13:36.945274 192.168.0.100.33128 > 192.168.0.1.domain:  43559+ AAAA?
glass.felipe-alfaro.com. (41) (DF)
15:13:36.948384 192.168.0.1.domain > 192.168.0.100.33128:  43559* 1/1/1
AAAA[|domain] (DF)
15:13:36.949093 192.168.0.100.33128 > 192.168.0.1.domain:  43560+ A?
glass.felipe-alfaro.com. (41) (DF)
15:13:36.951962 192.168.0.1.domain > 192.168.0.100.33128:  43560* 1/1/1
A[|domain] (DF)
15:13:36.953119 192.168.0.100.33128 > 192.168.0.1.domain:  18462+ PTR?
\[x20000000000000000000000000000001/128][|domain] (DF)
15:13:36.956247 192.168.0.1.domain > 192.168.0.100.33128:  18462* 1/1/1
(123) (DF)
15:13:36.956991 192.168.0.100.33128 > 192.168.0.1.domain:  18463+ PTR?
2.0.168.192.in-addr.arpa. (42) (DF)
15:13:36.959943 192.168.0.1.domain > 192.168.0.100.33128:  18463* 1/1/1
PTR[|domain] (DF)
15:13:36.960843 192.168.0.100.33128 > 192.168.0.1.domain:  18464+ A?
glass.felipe-alfaro.com. (41) (DF)
15:13:36.963624 192.168.0.1.domain > 192.168.0.100.33128:  18464* 1/1/1
A[|domain] (DF)
15:13:36.964467 192.168.0.100.33336 > 192.168.0.2.telnet: S
969710258:969710258(0) win 5840 <mss 1460,sackOK,timestamp 15437359
0,nop,wscale 0> (DF) [tos 0x10]

As you can see, the resolver asks in first place for an IPv6 AAAA record
and then it's A record. Then, a two queries are sent to the DNS server,
one asking for the IPv6 ip6.arpa PTR record and another one for the IPv4
in-addr.arpa PTR record. What's really strange is the last query, asking
again for the A record of the remote host. I don't understand why this
query is sent in last place (cause this query was already done before),
and also why the application chose to use IPv4 over IPv6 when the remote
host supports both.

As I've read on RFC documents, when both A and AAAA records are defined
for a given host, the application should give preference to the IPv6
protocol over the IPv4 protocol. However, this is not the case. I can
force a TCP over IPv6 session by using "ssh -6", for example, but this
is not the desired behavior.

Does anyone know what's going on here? Is this a glibc's libresolv bug?

Thanks!




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]