Dig for link-local
Phil Mayers
p.mayers at imperial.ac.uk
Mon Mar 25 17:22:45 UTC 2013
On 25/03/13 17:13, Phil Mayers wrote:
> On 25/03/13 16:20, Kevin Darcy wrote:
>> Works fine for me on RedHat 5.7 without a scope-identifier in
>> /etc/resolv.conf. I notice, however, that the stock dig
>> (9.3.6-P1-RedHat-9.3.6-16.P1.el5, yeah, I know I should upgrade) shows
>> the scope identifier in its output:
>>
>> ;; SERVER: fe80::250:56bf:fe8d:47b%2#53(fe80::250:56bf:fe8d:47b)
>>
>> so it must be picking that up somehow along the way.
>
> During testing I observed that the *first* dig to a previously-unused
> link-local dest failed without a scope. After using a scope once, the LL
> worked without a scope for a short period of time.
>
> I didn't dig into why, but kernel routing cache seems the most likely
> explanation.
>
"dig", geddit! Ha ha... sigh.

Yeah, further investigation shows entries like:

    fe80::blah via fe80::blah dev eth0  metric 0
        cache  mtu 1500 advmss 1440 hoplimit 4294967295

...in the output of "ip -6 route show table all". They seem to "live"
for about 60 seconds, but my guess is that things like open TCP sockets
or continuing activity will refresh them, so perhaps you have other
stuff happening over link-local that's keeping these cache entries hot?

Regardless - link-local addresses without a scope are an error waiting
to happen, IMO.
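
Added example, not part of the original message or of BIND: a small check that reads resolv.conf-style text and flags IPv6 link-local nameservers written without a scope identifier, the configuration discussed above. The function name and the sample file content are constructed for illustration.

```python
import ipaddress

# Constructed sample resolv.conf content (not taken from the thread).
SAMPLE_RESOLV_CONF = """\
# constructed example
search example.test
nameserver 192.0.2.53
nameserver fe80::1
nameserver fe80::2%eth0
nameserver 2001:db8::53
nameserver not-an-address
options timeout:2
"""


def audit_nameservers(text):
    """Return (line_no, address, status) for every nameserver line.

    status is "ok", "link-local-scoped", "link-local-unscoped" or "invalid".
    """
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split()
        # Only "nameserver <address>" lines matter; comments, search and
        # options lines are skipped.
        if len(fields) < 2 or fields[0] != "nameserver":
            continue
        # Split off the scope ("%eth0", "%2") by hand so the check does not
        # depend on the Python version's own scope-id parsing.
        addr, _, scope = fields[1].partition("%")
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append((line_no, fields[1], "invalid"))
            continue
        if ip.version == 6 and ip.is_link_local:  # fe80::/10
            status = "link-local-scoped" if scope else "link-local-unscoped"
        else:
            status = "ok"
        findings.append((line_no, fields[1], status))
    return findings


if __name__ == "__main__":
    for line_no, address, status in audit_nameservers(SAMPLE_RESOLV_CONF):
        print(f"line {line_no}: {address}: {status}")
```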