I may have gotten protocol orders wrong in my analysis, or the dns-lookup-mechanism has been altered in the last libc update. The net result however, is still that every attempt by an application to connect to a v4-only host is preceded by a dns-request that result in a lost nxdomain response. Example: capturing DNS packets while connecting to a webserver with no v6-support reveal the following order of DNS queries and responses:
1. The client searches for an AAAA record. The DNS-server returns SOA with noerror.
2. The client tries the local variant of the AAAA record. The DNS-server returns NXDOMAIN which is lost in the faulty DNS-forwarder.
3. After timeout (20sec) the client goes looking for an A-record and succeeds.
Wouldn't it be preferable to prioritise differently? The client could send concurrent requests for A and AAAA, and drop the attempt on the local variant of AAAA when it gets one or more valid a-records.
Slight update to #142.
I may have gotten protocol orders wrong in my analysis, or the dns-lookup- mechanism has been altered in the last libc update. The net result however, is still that every attempt by an application to connect to a v4-only host is preceded by a dns-request that result in a lost nxdomain response. Example: capturing DNS packets while connecting to a webserver with no v6-support reveal the following order of DNS queries and responses:
1. The client searches for an AAAA record. The DNS-server returns SOA with noerror.
2. The client tries the local variant of the AAAA record. The DNS-server returns NXDOMAIN which is lost in the faulty DNS-forwarder.
3. After timeout (20sec) the client goes looking for an A-record and succeeds.
Wouldn't it be preferable to prioritise differently? The client could send concurrent requests for A and AAAA, and drop the attempt on the local variant of AAAA when it gets one or more valid a-records.