Here are some outputs from Ubuntu that works fine (sends A queries only) with ipv6 enabled and Debian that does not work fine (sends AAAA queries) with my DNS server. I have generated this output with the default settings of both Ubuntu and Debian. So, in the outputs below, you'll see ipv6 enabled in Debian. However, with ipv6 disabled in /etc/modprobe.d/aliases, the output remains similar and Debian does not work with my DNS server.
UBUNTU OUTPUTS:- $ lsmod | grep ipv6 ipv6 307072 10 $ sudo grep -R ipv6 /etc/ /etc/modprobe.d/aliases:alias net-pf-10 ipv6 /etc/mono/2.0/machine.config: <ipv6 enabled="false"/> /etc/mono/1.0/machine.config: <ipv6 enabled="false"/> /etc/protocols:ipv6 41 IPv6 # Internet Protocol, version 6 /etc/protocols:ipv6-route 43 IPv6-Route # Routing Header for IPv6 /etc/protocols:ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6 /etc/protocols:ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6 /etc/protocols:ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6 /etc/protocols:ipv6-opts 60 IPv6-Opts # Destination Options for IPv6 Binary file /etc/alternatives/cli matches Binary file /etc/alternatives/www-browser matches /etc/ppp/ipv6-up:if [ -x /etc/ppp/ipv6-up.local ]; then /etc/ppp/ipv6-up: exec /etc/ppp/ipv6-up.local "$*" /etc/ppp/ipv6-up:run-parts /etc/ppp/ipv6-up.d \ /etc/ppp/ipv6-down:if [ -x /etc/ppp/ipv6-down.local ]; then /etc/ppp/ipv6-down: exec /etc/ppp/ipv6-down.local "$*" /etc/ppp/ipv6-down:run-parts /etc/ppp/ipv6-down.d \ /etc/avahi/avahi-daemon.conf:use-ipv6=no /etc/avahi/avahi-daemon.conf:#publish-a-on-ipv6=no /etc/sysctl.conf:#net.ipv6.conf.default.forwarding=1 Binary file /etc/X11/X matches $ cat /etc/resolv.conf nameserver 192.168.1.1 $ ls -l /etc/resolv.conf -rw-r--r-- 1 root root 23 2007-12-15 23:41 /etc/resolv.conf DEBIAN OUTPUTS:- # lsmod | grep ipv6 ipv6 213856 19 # grep -R ipv6 /etc/ 2> /dev/null Binary file /etc/dosemu/drives/d/tmp/etherXXXXKM1kmz matches Binary file /etc/dosemu/drives/c/tmp/etherXXXXKM1kmz matches /etc/protocols:ipv6 41 IPv6 # Internet Protocol, version 6 /etc/protocols:ipv6-route 43 IPv6-Route # Routing Header for IPv6 /etc/protocols:ipv6-frag 44 IPv6-Frag # Fragment Header for IPv6 /etc/protocols:ipv6-icmp 58 IPv6-ICMP # ICMP for IPv6 /etc/protocols:ipv6-nonxt 59 IPv6-NoNxt # No Next Header for IPv6 /etc/protocols:ipv6-opts 60 IPv6-Opts # Destination Options for IPv6 /etc/avahi/avahi-daemon.conf:use-ipv6=no /etc/avahi/avahi-daemon.conf:#publish-a-on-ipv6=no Binary file /etc/X11/X matches Binary file /etc/alternatives/php matches Binary file /etc/alternatives/www-browser matches Binary file /etc/alternatives/emacs matches Binary file /etc/selinux/refpolicy-targeted/modules/active/base.linked matches Binary file /etc/selinux/refpolicy-targeted/modules/active/base.pp matches /etc/selinux/refpolicy-targeted/modules/active/file_contexts.template:/etc/ppp/ipv6-up\..* -- system_u:object_r:bin_t:s0 /etc/selinux/refpolicy-targeted/modules/active/file_contexts.template:/etc/ppp/ipv6-down\..* -- system_u:object_r:bin_t:s0 /etc/selinux/refpolicy-targeted/modules/active/file_contexts:/etc/ppp/ipv6-up\..* -- system_u:object_r:bin_t:s0 /etc/selinux/refpolicy-targeted/modules/active/file_contexts:/etc/ppp/ipv6-down\..* -- system_u:object_r:bin_t:s0 Binary file /etc/selinux/refpolicy-targeted/modules/previous/base.linked matches Binary file /etc/selinux/refpolicy-targeted/modules/previous/base.pp matches /etc/selinux/refpolicy-targeted/modules/previous/file_contexts.template:/etc/ppp/ipv6-up\..* -- system_u:object_r:bin_t:s0 /etc/selinux/refpolicy-targeted/modules/previous/file_contexts.template:/etc/ppp/ipv6-down\..* -- system_u:object_r:bin_t:s0 /etc/selinux/refpolicy-targeted/modules/previous/file_contexts:/etc/ppp/ipv6-up\..* -- system_u:object_r:bin_t:s0 /etc/selinux/refpolicy-targeted/modules/previous/file_contexts:/etc/ppp/ipv6-down\..* -- system_u:object_r:bin_t:s0 /etc/selinux/refpolicy-targeted/contexts/files/file_contexts:/etc/ppp/ipv6-up\..* -- system_u:object_r:bin_t:s0 /etc/selinux/refpolicy-targeted/contexts/files/file_contexts:/etc/ppp/ipv6-down\..* -- system_u:object_r:bin_t:s0 /etc/security/access.conf:# User "john" should get access from ipv4 as ipv6 net/mask /etc/security/access.conf:# User "john" should get access from ipv6 host address /etc/security/access.conf:# User "john" should get access from ipv6 host address (same as above) /etc/security/access.conf:# User "john" should get access from ipv6 net/mask /etc/sysctl.conf:#net.ipv6.ip_forward=1 /etc/modprobe.d/aliases:alias net-pf-10 ipv6 # cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 192.168.1.1 # ls -l /etc/resolv.conf lrwxrwxrwx 1 root root 31 2007-12-14 21:22 /etc/resolv.conf -> /etc/resolvconf/run/resolv.conf TSHARK DNS LOGS IN UBUNTU:- Command: wget www.debian.org tshark output: 29.536837 192.168.1.5 -> 192.168.1.1 DNS Standard query A www.debian.org 29.540010 192.168.1.1 -> 192.168.1.5 DNS Standard query response A 194.109.137.218 Command: bitchx irc.freenode.net tshark output: 5.535012 192.168.1.5 -> 192.168.1.1 DNS Standard query A irc.freenode.net 5.538236 192.168.1.1 -> 192.168.1.5 DNS Standard query response A 207.158.1.150 TSHARK DNS LOGS IN DEBIAN:- Command: wget www.debian.org tshark output: 0.000344 192.168.1.5 -> 192.168.1.1 DNS Standard query AAAA www.debian.org 0.057051 192.168.1.1 -> 192.168.1.5 DNS Standard query response 0.057175 192.168.1.5 -> 192.168.1.1 DNS Standard query AAAA www.debian.org 0.060241 192.168.1.1 -> 192.168.1.5 DNS Standard query response[Malformed Packet] 0.060308 192.168.1.5 -> 192.168.1.1 DNS Standard query A www.debian.org 0.062209 192.168.1.1 -> 192.168.1.5 DNS Standard query response A 1.0.0.0 Command: bitchx irc.freenode.net tshark output: 1.839877 192.168.1.5 -> 192.168.1.1 DNS Standard query AAAA irc.freenode.net 1.891477 192.168.1.1 -> 192.168.1.5 DNS Standard query response CNAME chat.freenode.net 1.891623 192.168.1.5 -> 192.168.1.1 DNS Standard query A irc.freenode.net 1.896916 192.168.1.1 -> 192.168.1.5 DNS Standard query response A 1.0.0.0 Command: nslookup irc.freenode.net tshark output: 7.346382 192.168.1.5 -> 192.168.1.1 DNS Standard query A irc.freenode.net 7.673511 192.168.1.1 -> 192.168.1.5 DNS Standard query response CNAME chat.freenode.net A 209.177.146.34 A 82.96.64.4 A 140.211.166.4 A 207.158.1.150 A 140.211.166.3 A 64.161.254.20 A 208.71.169.36 A 216.165.191.52 A 213.92.8.4 Command: bitchx irc.freenode.net tshark output: 1.700702 192.168.1.5 -> 192.168.1.1 DNS Standard query AAAA irc.freenode.net 1.704137 192.168.1.1 -> 192.168.1.5 DNS Standard query response[Malformed Packet] 1.704609 192.168.1.5 -> 192.168.1.1 DNS Standard query A irc.freenode.net 1.707047 192.168.1.1 -> 192.168.1.5 DNS Standard query response A 209.177.146.34 So, as you can see once I did nslookup for irc.freenode.net, then bitchx could successfully connect to irc.freenode.net. After this, I installed bind9 and configured this in /etc/bind/named.conf.options (which is included in /etc/bind/named.conf) forwarders { 192.168.1.1; }; I did not use the -4 option for ipv4 only. I just ran the default /etc/init.d/bind9 start and tried wget www.debian.org. tshark logs below. TSHARK DNS LOGS IN DEBIAN WITH BIND9 NAMED:- Command: wget www.debian.org tshark output: 16.727530 192.168.1.5 -> 192.168.1.1 DNS Standard query AAAA www.debian.org 16.789290 192.168.1.1 -> 192.168.1.5 DNS Standard query response 16.790362 192.168.1.5 -> 192.168.1.1 DNS Standard query A www.debian.org 16.792937 192.168.1.1 -> 192.168.1.5 DNS Standard query response OPT 16.793168 192.168.1.5 -> 192.5.5.241 DNS Standard query A www.debian.org 16.840249 192.5.5.241 -> 192.168.1.5 DNS Standard query response 16.840964 192.168.1.5 -> 199.19.53.1 DNS Standard query A www.debian.org 17.227114 199.19.53.1 -> 192.168.1.5 DNS Standard query response 17.227680 192.168.1.5 -> 194.109.137.218 DNS Standard query A www.debian.org 17.438482 194.109.137.218 -> 192.168.1.5 DNS Standard query response A 194.109.137.218 With bind9 running, all applications run fine with the Internet. On Dec 15, 2007 10:14 PM, Nicolás Ruiz <[EMAIL PROTECTED]> wrote: > Yes, from a cursory search on google, it seems like running bind9 with > the "-4" option would work > > Are you using the same applications in debian and ubuntu? The > application is the one that controls if there are going to be AAAA > queries or not. But if you're totally sure that ubuntu does not make > AAAA queries, it should be controlled via the resolver library. Maybe > IPv6 can be disabled during compilation. > > > > > On Dec 15, 2007 9:40 PM, Nicolás Ruiz <[EMAIL PROTECTED]> wrote: > > > Hello: > > > > Amogh Hooshdar wrote: > >>>> I am using Debian Lenny. > >>>> > >>>> $ uname -a > >>>> Linux mylappy 2.6.18-4-486 #1 Wed May 9 22:23:40 UTC 2007 i686 GNU/Linux > >>>> > >>>> I changed the "alias net-pf-10 ipv6" line to the following two lines. > > That's an interesting problem, and although I don't have an answer, I > > can tell you that disabling the IPv6 module would not solve the problem. > > You see, the IPv6 module only controls the handling of ipv6 packets sent > > or received, while your problem is generating AAAA queries. Since the > > AAAA queries can be - and in this case are - transported over IPv4, it's > > not working. > > > > The solution should involve the resolver library, which you control via > > /etc/resolv.conf. As far as I can tell, there is no system-wide way to > > prevent the use of IPv6, so no luck there. > > > > The only way I can think of (if you can't just update the DNS server to > > be able to handle IPv6 requests) is to install a local DNS server in > > your own laptop, disable handling (and querying) of AAAA records in the > > DNS server and make it recursive. Finally, point your resolver > > (/etc/resolv.conf) only to your local DNS server. > > > > hope it helps > > nicolás > > > >>>> alias net-pf-10 off > >>>> alias ipv6 off > >>>> > >>>> After rebooting, I checked: lsmod | grep ipv6. Sure enough it is gone > >>>> and the command gives nil output. But when I use bitchx or pidgin to > >>>> connect to irc.freenode.net, I can still see DNS AAAA irc.freenode.net > >>>> type of queries.As a result our DNS server that can't handle > >>>> ipv6 returns 1.0.0.0 as the address and the clients don't work. > >>>> > >>>> (1) First I tried making these changes /etc/modprobe.d/aliases - Result: > >>>> problem persists (Yes, I did reboot after the changes) > >>>> > >>>> (2) Next, I tried adding the two alias off lines in > >>>> /etc/modeprobe.d/00local - Result: problem persists. > >>>> > >>>> (3) Finally, I added the line "blacklist ipv6" towards the top (5th line) > >>>> of /etc/modeprobe.d/blacklist - Result: still the problem persists. > >>>> > >>>> I have also tried the following as per some suggestions:- > >>>> > >>>> 1. commenting out ipv6 related lines in /etc/hosts > >>>> 2. /etc/init.d/avahi-daemon stop > >>>> > >>>> But they didn't help. > >>>> > >>>> I have succeeded to make Iceweasel work by setting > >>>> network.dns.disableIPv6=true in about:config. But I need a OS-wide > >>>> solution so that all my network apps do not send ipv6 DNS AAAA type > >>>> requests and they work successfully. > >>>> > >>>> Please help me to disable ipv6 completely. > >>>> > >>>> > >> > >> > > - -- > A: Because it destroys the flow of conversation. > Q: Why is top posting dumb? > - -- > Juan Nicolás Ruiz | Corporación Parque Tecnológico de Mérida > [EMAIL PROTECTED] | Mérida - Venezuela > PGP Key fingerprint = CDA7 9892 50F7 22F8 E379 08DA 9A3B 194B D641 C6FF > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFHZARpmjsZS9ZBxv8RAtc3AJ9Gte8YhprzGWyHHINZ2ZrlMtKD1gCfa00j > QQXpFWRn+Ga76ZSolPdH5WA= > =ppIM > -----END PGP SIGNATURE----- > >