IPv6 DNS requests? should we even be seeing these?
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Sun Sep 22 22:53:58 UTC 2002
>
> DigitalVinyl wrote:
> >
> > We are receiving a variety of constant requests for mostly
> > non-existent names to our DNS servers. I noticed that six server
> > currently sending us constant requests are requesting AAAA records.
> > This is a DNS query for an IPv6 host. Should these ever be seen on a
> > IPv4 Internet?
>
> Bits of the Internet are running IPv6 and probably leak a few
> queries, but most of it is probably junk.
No. There is no way to know before making a query if a site
is reachable via IPv6. The queries are the result of trying
to discover if the site is reachable via IPv6.
> A common one is "openssh" which was shipped with IPv6 support
> the default by a wellknown Linux vendor, so it would send IPv6
> queries first.
It will become much more common as time goes by. More and
more applications are being made IPv6 aware. For most
applications there is very little extra work required.
> > Secondly, even the name that does exist is refused by our DNS servers.
> > I am guessing that is because we aren't resolving to an IPv6.
>
> If I ask for AAAA, and it doesn't exists, that is an NXDOMAIN,
> and cached.
>
> If you are "refusing" to answer for some reason, then don't be
> surprised if they ask again!
>
> > Is this normal or are these DNS servers misconfigured?
>
> Can't tell - more information needed.
>
> Where are the refused queries coming from, and what bit of
> named.conf is leading to them being refused?
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list