Subscribe:

Ads 468x60px

Pages

Monday, August 8, 2011

network unreachable resolving


If you are receiving the error in /var/log/messages for named service as follows.
Error::
Quote:
Feb 23 15:44:49 named[28471]: network unreachable resolving 'L.ROOT-SERVERS.NET/AAAA/IN': 2001:503:ba3e::2:30#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:dc3::35#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'L.ROOT-SERVERS.NET/AAAA/IN': 2001:503:c27::2:30#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'G.ROOT-SERVERS.NET/AAAA/IN': 2001:7fd::1#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'I.ROOT-SERVERS.NET/AAAA/IN': 2001:dc3::35#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'D.ROOT-SERVERS.NET/AAAA/IN': 2001:dc3::35#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'I.ROOT-SERVERS.NET/AAAA/IN': 2001:7fd::1#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'E.ROOT-SERVERS.NET/AAAA/IN': 2001:dc3::35#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'L.ROOT-SERVERS.NET/AAAA/IN': 2001:dc3::35#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:503:c27::2:30#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'L.ROOT-SERVERS.NET/AAAA/IN': 2001:7fd::1#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'C.ROOT-SERVERS.NET/AAAA/IN': 2001:503:c27::2:30#53
Feb 23 15:44:49 named[28471]: network unreachable resolving 'B.ROOT-SERVERS.NET/AAAA/IN': 2001:dc3::35#53

Cause:
As per the change log of BIND for CentOS 5.4 updates (bind-chroot-9.3.6-4.P1.el5_4.1) , the latest BIND DNS server is enabled by default for IPV6 DNS resolving. Any DNS query made to the DNS server will caused the program to also resolved IPV6 IP regardless that the host server or client is not IPV6 enable or capable.

Solution:
Disable the IPV6 in BIND by editing the file /etc/sysconfig/named file and adding the following options into the BIND startup

# vim /etc/sysconfig/named
OPTIONS="-4"
:wq

This will cause the BIND server to only resolve or use IPV4 and disable IPV6 support. Save the file and restart BIND server.
# /etc/init.d/named restart

Posted by Unknown at 6:53 AM
Labels: ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)