Problem with recursively resolving AAAA records from CNAMES
Teran McKinney
sega01 at gmail.com
Mon Jun 16 11:18:31 EDT 2008
Hi,
I had heard about MaraDNS from a friend and wanted to implement a
recursive DNS server for my LAN. MaraDNS looked quite nice, so I
decided to give it a try. I recently migrated from DD-WRT to OpenWRT,
and used its 1.2.12.06 MaraDNS package. Everything worked perfectly,
except I started to notice that I did not connect over IPv6 to some
IPv6-enabled sites. Digging a little deeper, I found that only sites
that used CNAMEs pointing to records with AAAA records were the
culrpit.
For example:
sega01[~]$ dig ipv6.google.com aaaa
; <<>> DiG 9.4.2 <<>> ipv6.google.com aaaa
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4801
;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ipv6.google.com. IN AAAA
;; ANSWER SECTION:
ipv6.google.com. 900 IN CNAME ipv6.l.google.com.
;; Query time: 221 msec
;; SERVER: 192.168.8.1#53(192.168.8.1)
;; WHEN: Mon Jun 16 11:11:00 2008
;; MSG SIZE rcvd: 54
However, it appears that MaraDNS does not recursively resolve the
CNAME's target for AAAA records.
OpenDNS returns the following:
sega01[~]$ dig ipv6.google.com aaaa @208.67.222.222
; <<>> DiG 9.4.2 <<>> ipv6.google.com aaaa @208.67.222.222
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59569
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ipv6.google.com. IN AAAA
;; ANSWER SECTION:
ipv6.google.com. 9753 IN CNAME ipv6.l.google.com.
ipv6.l.google.com. 300 IN AAAA 2001:4860:0:2001::68
;; Query time: 50 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Mon Jun 16 11:12:44 2008
;; MSG SIZE rcvd: 82
There is no issue with MaraDNS using CNAMEs and A records, but AAAA
records individually work fine. I have also tested this on 1.3.11 with
the same results. Some other users on #ipv6 reported the same issues
with MaraDNS after I asked about this.
Any ideas?
Thanks,
Teran McKinney (sega01)
More information about the list
mailing list