From owner-freebsd-questions@FreeBSD.ORG Fri Nov 2 07:19:06 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7C86816A41B for ; Fri, 2 Nov 2007 07:19:06 +0000 (UTC) (envelope-from iaccounts@ibctech.ca) Received: from pearl.ibctech.ca (pearl.ibctech.ca [208.70.104.210]) by mx1.freebsd.org (Postfix) with ESMTP id 2C49A13C4A5 for ; Fri, 2 Nov 2007 07:19:06 +0000 (UTC) (envelope-from iaccounts@ibctech.ca) Received: (qmail 97043 invoked by uid 1002); 2 Nov 2007 05:29:10 -0000 Received: from iaccounts@ibctech.ca by pearl.ibctech.ca by uid 89 with qmail-scanner-1.22 (spamassassin: 2.64. Clear:RC:1(208.70.104.100):. Processed in 6.531177 secs); 02 Nov 2007 05:29:10 -0000 Received: from unknown (HELO ?192.168.30.110?) (steve@ibctech.ca@208.70.104.100) by pearl.ibctech.ca with (DHE-RSA-AES256-SHA encrypted) SMTP; 2 Nov 2007 05:29:03 -0000 Message-ID: <472AB52B.6070102@ibctech.ca> Date: Fri, 02 Nov 2007 01:27:07 -0400 From: Steve Bertrand User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: Norberto Meijome References: <200711012041.13641.freebsd@dfwlp.com> <20071102150149.10be61d2@meijome.net> In-Reply-To: <20071102150149.10be61d2@meijome.net> X-Enigmail-Version: 0.95.4 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Jonathan Horne , freebsd-questions@freebsd.org Subject: Re: curious DNS behavior on a 7.0... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Nov 2007 07:19:06 -0000 >> however, right now "new" every website i browse is penalized with a 10-20 >> second delay before the page finally starts loading. tcpdump is full of >> these: > wouldn't it be your browser requesting the IPv6 address? you can check easy > enough by pinging any website (which you haven't resolved yet) and see if u get > the same calls. Good observation. > unless you are pointing your resolver to localhost, and your local named is > requesting the v6 AAAA records. Look into disabling this behaviour @ named.conf. I don't personally believe disabling this is the right approach. For instance, I set up a test IPv6 IP on an interface on a 100Mbps LANx WAN fast Ethernet connection. I then added an AAAA record to a named server. Working from another server on the same physical network (albeit different subnet across separate interfaces), the query time for both is exactly the same. Note that my resolver on 'cohiba' points to 208.70.104.3. cohiba# dig aaaa lanx-fa1.ibctech.ca lanx-fa1.ibctech.ca. 7087 IN AAAA 3ffe:ff00:1::1 ;; Query time: 0 msec cohiba# dig lanx-fa1.ibctech.ca ;lanx-fa1.ibctech.ca. IN A ;; Query time: 0 msec ...Now, performing the same test, from the same server, using the same DNS box looking for the exact same www site that the OP stated that was a problem originally: # INITIAL DNS LOOKUP cohiba# dig www.srh.noaa.gov ; <<>> DiG 9.3.2 <<>> www.srh.noaa.gov ;; ANSWER SECTION: www.srh.noaa.gov. 86400 IN A 216.38.80.20 ;; Query time: 210 msec ;; SERVER: 208.70.104.3#53(208.70.104.3) # SPECIFIC IPv6 LOOKUP (no answer) cohiba# dig aaaa www.srh.noaa.gov ; <<>> DiG 9.3.2 <<>> aaaa www.srh.noaa.gov ;www.srh.noaa.gov. IN AAAA ;; Query time: 102 msec CONCLUSION: If the last poster is right and it's only the browser is failing because it uses it's own faulty internal DNS resolver, then this is obviously a serious hindrance to the implementation of IPv6. Of course most 'users' aren't on the 'Internet' if their MSN page doesn't display, and will take the path of least cost to make it work ;) I'm not a protocol expert, but from what I can tell, a web browser DNS resolver/cache that works this way may also have quite an impact on the view regarding usability of any OS as IPv6 becomes more prevalent, not just FreeBSD. I've never noticed these problems before. Running Portable Firefox on my Windows XP workstation, I see the IPv6 and IPv4 address of all sites I go to, if they are v6 enabled. However, I have 16^N variables involved that make that an unfair evaluation. -- Does anyone else have issues in this regard? Particularly, does anyone else have IPv6 enabled, or better yet in use that can provide any feedback? Steve