Hi Pieter, ah, that's interesting. That probably broke when I upgrade to 4.5.0 which failed on the previous `query-local-address6` option that was used to enable ipv6 (besides ipv4). I simply replaced it with `query-local-address`, never realizing this side-effect.
Thanks! -- Kind regards, Sjon Hortensius On Mon, 12 Jul 2021 at 15:30, Pieter Lexis via Pdns-users < pdns-users@mailman.powerdns.com> wrote: > Hi Sjors, > > Please keep the mailing-list in the 'To' field so others can see your > emails as well. > > On 7/12/21 2:05 PM, Sjon Hortensius wrote: > > > this is using PowerDNS Recursor 4.5.2 on archlinux, my configuration is > > pretty plain: > > > >> export-etc-hosts=on > >> local-address=::1 > >> query-local-address=:: > > The last option is your problem. You're _only_ using IPv6 to contact > other nameservers. Here's what happens: > > We've found the nameservers for public.lu via .lu: > Jul 12 15:14:44 [1] data.public.lu: got NS record 'public.lu' -> > 'ns1.etat.lu.' > Jul 12 15:14:44 [1] data.public.lu: got NS record 'public.lu' -> > 'ns2.etat.lu.' > Jul 12 15:14:44 [1] data.public.lu: got NS record 'public.lu' -> > 'ns3.etat.lu.' > > And get the glue addresses for those nameservers from the .lu servers: > Jul 12 15:14:44 [1] ns3.etat.lu: accept answer > 'etat.lu|NS|ns1.etat.lu.' from 'lu' nameservers? ttl=43200, place=2 YES! > Jul 12 15:14:44 [1] ns3.etat.lu: accept answer > 'etat.lu|NS|ns2.etat.lu.' from 'lu' nameservers? ttl=43200, place=2 YES! > Jul 12 15:14:44 [1] ns3.etat.lu: accept answer > 'etat.lu|NS|ns3.etat.lu.' from 'lu' nameservers? ttl=43200, place=2 YES! > > However, those are only IPv4 addresses. We can't reach those to because > you've disabled outgoing IPv4. Hence, there are no addresses for us to > contact (although we try to get the AAAA records, but there simply are > none). > > I can **highly** recommend turning on IPv4 outgoing in addition to IPv6 > with query-local-address=::,0.0.0.0. IPv6-only resolving simply does not > work on the current internet. > > > Would upgrading to 4.5.4 fix this? > > No, this will never work until those nameservers get IPv6 addresses (and > AAAA glue). > > Cheers, > > Pieter > > -- > Pieter Lexis > PowerDNS.COM BV -- https://www.powerdns.com > _______________________________________________ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users >
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
