Package: libc6 Version: 2.11.3-3 Severity: important Tags: squeeze ipv6 After last glibc6 update 2.11.2-10 -> 2.11.3-2 resolver changed its behavior.
My setup (nothing strange): ipv6 enabled, but no special settings for it and my local DNS zone has only A records. How 2.11.2-10 works: When I type $ getent hosts mailsrv it get domain name from /etc/resolv.conf and do the following requests: 12:00:56.678524 IP standvm-squeeze.lvknet.33570 > ns.lvknet.domain: 41768+ AAAA? mailsrv.lvknet. (32) 12:00:56.679161 IP ns.lvknet.domain > standvm-squeeze.lvknet.33570: 41768* 0/1/0 (76) 12:00:56.679478 IP standvm-squeeze.lvknet.50893 > ns.lvknet.domain: 16915+ A? mailsrv.lvknet. (32) 12:00:56.679857 IP ns.lvknet.domain > standvm-squeeze.lvknet.50893: 16915* 1/1/1 A 192.168.132.4 (81) Ok, It tries ipv6 first, I dont need this, but no problem, at least my dns server knows the answer. But after upgrade to 2.11.3-2 it's behavior changed: 11:19:42.200667 IP standvm-squeeze.lvknet.54095 > ns.lvknet.domain: 17176+ AAAA? mailsrv.lvknet. (32) 11:19:42.201110 IP ns.lvknet.domain > standvm-squeeze.lvknet.54095: 17176* 0/1/0 (76) 11:19:42.201228 IP standvm-squeeze.lvknet.48952 > ns.lvknet.domain: 2218+ AAAA? mailsrv. (25) 11:19:42.202883 IP ns.lvknet.domain > standvm-squeeze.lvknet.48952: 2218 NXDomain 0/1/0 (100) 11:19:42.203028 IP standvm-squeeze.lvknet.54867 > ns.lvknet.domain: 364+ A? mailsrv.lvknet. (32) 11:19:42.203337 IP ns.lvknet.domain > standvm-squeeze.lvknet.54867: 364* 1/1/1 A 192.168.132.4 (81) It tries fqdn for ipv6 address, then just hostname without domain for ipv6 and only after that it asks for ipv4 address. I don't know why did upstream do this, but I see at least two problems: My DNS server knows my zone (lvknet. in my case), but when someone asks him for hostname. it will translate this request to my provider's DNS server (I use bind whith forward in my settings, nothing strange). 1.My provider will see every hosts request withing my network. This is security flow, I'm sure. 2.If I have connectivity problem with my provider, $ getent hosts validhostnamemyDNSserverknowsabout will hang for about a minute. -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-xen-686 (SMP w/2 CPU cores) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libc6 depends on: ii libc-bin 2.11.3-3 Embedded GNU C Library: Binaries ii libgcc1 1:4.4.5-8 GCC support library Versions of packages libc6 recommends: ii libc6-i686 2.11.3-3 Embedded GNU C Library: Shared lib Versions of packages libc6 suggests: ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy pn glibc-doc <none> (no description available) ii locales 2.11.3-3 Embedded GNU C Library: National L -- debconf information: * glibc/restart-services: cron glibc/disable-screensaver: glibc/restart-failed: glibc/upgrade: true -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120314082214.26900.17318.reportbug@standvm-squeeze.lvknet
