From owner-freebsd-net Wed Jul 24 20:34: 1 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0C16C37B400 for ; Wed, 24 Jul 2002 20:33:55 -0700 (PDT) Received: from gw.catspoiler.org (217-ip-163.nccn.net [209.79.217.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4BFC843E5E for ; Wed, 24 Jul 2002 20:33:52 -0700 (PDT) (envelope-from dl-freebsd@catspoiler.org) Received: from mousie.catspoiler.org (mousie.catspoiler.org [192.168.101.2]) by gw.catspoiler.org (8.12.5/8.12.5) with ESMTP id g6P3Xfwr052669; Wed, 24 Jul 2002 20:33:45 -0700 (PDT) (envelope-from dl-freebsd@catspoiler.org) Message-Id: <200207250333.g6P3Xfwr052669@gw.catspoiler.org> Date: Wed, 24 Jul 2002 20:33:41 -0700 (PDT) From: Don Lewis Subject: Re: disabling IPv6 *without* recompiling the kernel To: jinmei@isl.rdc.toshiba.co.jp Cc: dl-freebsd@catspoiler.org, net@FreeBSD.ORG In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/plain; charset=US-ASCII Content-Transfer-Encoding: 8BIT Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 24 Jul, JINMEI Tatuya / ^TÉ wrote: >>>>>> On Sat, 20 Jul 2002 20:33:10 -0700 (PDT), >>>>>> Don Lewis said: > >> I've run into the same problems with Mozilla that many other people have >> reported. > > (...snip) > > Thanks for the careful check and suggestions. I think we should take > them seriously. But before that, please let me check something: > >> Even though I'm on an IPv4 only network, I'm seeing DNS >> lookups for AAAA records, many of which are timing out due to problems > > Does the DNS servers have A records for the same name? Yes. > If so, it > should not take a long time out to resolve the corresponding AAAA > records. The authoritative server should just return a response with > the empty answer section. Or, are you talking about an unreachable > server that even cannot return the A records, and the AAAA query > doubles the total delay? The problem I'm seeing is with servers that return answers for A record queries, but seem to totally ignore queries for AAAA records. % dig vanguard.com ns ; <<>> DiG 8.3 <<>> vanguard.com ns ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 0 ;; QUERY SECTION: ;; vanguard.com, type = NS, class = IN ;; ANSWER SECTION: vanguard.com. 4H IN NS ns2.vanguard.com. vanguard.com. 4H IN NS ns3.vanguard.com. vanguard.com. 4H IN NS ns.vanguard.com. ;; AUTHORITY SECTION: vanguard.com. 4H IN NS ns2.vanguard.com. vanguard.com. 4H IN NS ns3.vanguard.com. vanguard.com. 4H IN NS ns.vanguard.com. ;; Total query time: 150 msec ;; FROM: gw.catspoiler.org to SERVER: default -- 192.168.101.1 ;; WHEN: Wed Jul 24 20:17:46 2002 ;; MSG SIZE sent: 30 rcvd: 137 % dig www.vanguard.com a @ns.vanguard.com ; <<>> DiG 8.3 <<>> www.vanguard.com a @ns.vanguard.com ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUERY SECTION: ;; www.vanguard.com, type = A, class = IN ;; ANSWER SECTION: www.vanguard.com. 0S IN A 192.175.173.8 ;; AUTHORITY SECTION: www.vanguard.com. 4H IN NS wsdds2.vanguard.com. www.vanguard.com. 4H IN NS wsdds1.vanguard.com. ;; ADDITIONAL SECTION: wsdds1.vanguard.com. 4H IN A 192.175.173.5 wsdds2.vanguard.com. 4H IN A 192.175.182.5 ;; Total query time: 122 msec ;; FROM: gw.catspoiler.org to SERVER: ns.vanguard.com 192.175.173.31 ;; WHEN: Wed Jul 24 20:23:18 2002 ;; MSG SIZE sent: 34 rcvd: 124 % dig www.vanguard.com aaaa @ns.vanguard.com ; <<>> DiG 8.3 <<>> www.vanguard.com aaaa @ns.vanguard.com ; (1 server found) ;; res options: init recurs defnam dnsrch ;; res_nsend to server ns.vanguard.com 192.175.173.31: Operation timed out Eventually the resolver seems to give up on the AAAA query and tries an A record query, but it can take a *long* time. Even after Mozilla discovers the IPv4 address, it seems to time out this information after a while and later accesses to a web site may get stuck looking up the IP address again. Even when things are working correctly, doubling the DNS lookup time could be painful for users with slow network connections. > Some DNS servers behave very badly; they responds to AAAA queries with > the NXDOMAIN code, and, as a result, suppress further queries even > when they have an A record. We should fix such servers, but, IMHO, > we do not have to change the resolver side behavior just due to this. I haven't seen this problem. >> I'm also seeing long pauses when >> Mozilla attempts to connect to various web sites which I suspect are >> caused by Mozilla's attempts to connect to unreachable IPv6 addresses. > > Regarding this issue, what do you mean by "an IPv4 only network"? > More specifically, > > - do you have any non-link-local IPv6 addresses? No. > - do you have an IPv6 default router? No. > If the answer is "no" for both, then the connection attempts to the > IPv6 destinations should immediately fail with EHOSTUNREACH and the > delay should not matter in usual operation. > > So, basically even if you have some link-local IPv6 addresses and the > IPv6 loopback address, neither of the AAAA queries nor the connection > attempts to IPv6 destinations should matter. If you saw exceptions, > I'd like to know more details. Unfortunately I don't have any trace information that might point out the cause. All I know was that I was sometimes seeing some very long pauses (tens of seconds or more) in Mozilla, and the status line at the bottom of the Mozilla window said it was attempting to connect. Both problems went away when I hacked my copy of the Mozilla source to cause it to always fail the IPv6 test. If I can find some spare time I'll turn the IPv6 stuff back on and look at the second problem some more. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message