On Sat, 4 Sep 2010 17:26:40 +0200, Benoit Panizzon <paniz...@woody.ch> said:

> Hi all
> I seem to quite often stumble over this bug and wonder if the router is buggy 
> or the client is buggy.

> Most Motorola ADSL/VDSL Routers which Swisscom sent to their customers for 
> about the last two years or so, have a DNS proxy enabled by default. The dhcp 
> clients get the IP address of the router as DNS.

> Now some resolvers (the linux glibc resolver at least), when resolving a 
> hostname first ask for AAAA and when no RR and no error is returned, they ask 
> for the A record.

> Now when a host is resolved that way via a Motorola DNS Proxy, the AAAA query 
> does not result in:
> - No Error, no RR returned.

> But in
> - Error 0011 => No such Name.

> If the linux glibc receives Error 0011 it does not continue looking for an A 
> record, but returns 'Hostname not found' or similar immediately. Thus making 
> hosts which have a valid IPv4 but first were asked for their AAAA address not 
> reachable from linux.

> The workaround is to not use the DNS proxy on those routers.

> Windowses do not seem to have this problem, even with ipv6 enabled.

> So who is wrong? The linux glibc or the router?

The DNS proxy is clearly broken if it returns NXDomain instead of a
NoData response if the Name exists but the AAAA record at that name
doesn't.  You'll also find that pretty much all DNS proxies out there
are broken when it comes to EDNS and/or DNSSEC.  It's really a tragedy
that ISPs don't pay any attention to this when they select such
equipment. 

It is correct for a stub resolver to stop looking for other records at
a name that it just learned doesn't exist (I assume you do have IPv6
connectivity, because otherwise the stub resolver should not look for
a AAAA record at all).

-- 
Alex



_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
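
The NXDomain versus NoData distinction discussed in this thread, as an added example that is not part of either message and is not glibc's or any router's code: it classifies constructed DNS responses by RCODE and answer count, then runs a simplified AAAA-then-A stub lookup against a correct and a broken proxy. The host name, address, proxy functions and the lookup logic are assumptions made for illustration; a real NoData response would normally also carry an SOA record in the authority section.

```python
import struct

RCODE_NOERROR, RCODE_NXDOMAIN = 0, 3   # 3 is binary 0011, the "Error 0011" in the report
TYPE_A, TYPE_AAAA = 1, 28

def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def build_response(name, qtype, rcode, rdata=None):
    """Constructed minimal DNS response: header, question, optional answer."""
    flags = 0x8180 | rcode                       # QR, RD, RA set; RCODE in low 4 bits
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, 1 if rdata else 0, 0, 0)
    question = encode_name(name) + struct.pack("!HH", qtype, 1)
    answer = b""
    if rdata:                                    # 0xC00C points back at the question name
        answer = struct.pack("!HHHIH", 0xC00C, qtype, 1, 300, len(rdata)) + rdata
    return header + question + answer

def classify(msg):
    """NXDOMAIN: the name does not exist. NODATA: it exists, but not with this type."""
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    rcode = flags & 0x000F
    if rcode == RCODE_NXDOMAIN:
        return "NXDOMAIN"
    if rcode == RCODE_NOERROR:
        return "ANSWER" if ancount else "NODATA"
    return "ERROR"

def stub_lookup(name, upstream):
    """Simplified stub: AAAA first, then A; stop once the name is said not to exist."""
    for qtype in (TYPE_AAAA, TYPE_A):
        kind = classify(upstream(name, qtype))
        if kind == "NXDOMAIN":
            return "host not found"
        if kind == "ANSWER":
            return "AAAA" if qtype == TYPE_AAAA else "A"
    return "no address"

V4_ADDR = bytes([192, 0, 2, 10])                 # constructed documentation address

def correct_proxy(name, qtype):                  # hypothetical: IPv4-only name, NoData for AAAA
    return build_response(name, qtype, RCODE_NOERROR, V4_ADDR if qtype == TYPE_A else None)

def broken_proxy(name, qtype):                   # hypothetical: NXDomain for the missing AAAA
    if qtype == TYPE_A:
        return build_response(name, qtype, RCODE_NOERROR, V4_ADDR)
    return build_response(name, qtype, RCODE_NXDOMAIN)

if __name__ == "__main__":
    for proxy in (correct_proxy, broken_proxy):
        print(proxy.__name__, "->", stub_lookup("v4only.example", proxy))
```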
