Stop BIND from using IPv6 to contact other DNS servers when doing recursion?
-
Hello all together,
I am stuck with a problem in configuring the BIND package to do recursion.
From the logs I can see (see below) that BIND tries to contact the servers
in named.root by their IPv6 addresses.
This does not work as I don't have any IPv6 configured anywhere.

The man page of named gives this as a start option to only enable IPv4:
OPTIONS="-4 -u bind"
But I am simply not able to find where in pfSense this needs to go, neither
in webconfig nor in the file system (where I don't like to fool around).

I have, however, tried to remove all IPv6 entries from the named.root, which
did not lead to a fallback to IPv4 by BIND. (The IPv6 entries are back in
named.root by now.)

---
named[71611]: queries: info: client XXX.XXX.XXX.XXX#50168 (www.google.com): view viewname: query: www.google.com IN A + (YYY.YYY.YYY.YYY)
named[71611]: resolver: debug 1: createfetch: www.google.com A
named[71611]: resolver: debug 1: createfetch: . NS
named[71611]: lame-servers: info: error (host unreachable) resolving 'www.google.com/A/IN': 2001:500:2::c#53
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:500:2::c#53
named[71611]: lame-servers: info: error (host unreachable) resolving 'www.google.com/A/IN': 2001:500:1::803f:235#53
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:500:1::803f:235#53
named[71611]: lame-servers: info: error (host unreachable) resolving 'www.google.com/A/IN': 2001:500:2d::d#53
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:500:2d::d#53
named[71611]: lame-servers: info: error (host unreachable) resolving 'www.google.com/A/IN': 2001:7fd::1#53
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:7fd::1#53
named[71611]: queries: info: client XXX.XXX.XXX.XXX#50168 (www.google.com): view viewname: query: www.google.com IN A + (YYY.YYY.YYY.YYY)
named[71611]: resolver: debug 1: createfetch: www.google.com A
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:500:3::42#53
named[71611]: lame-servers: info: error (host unreachable) resolving 'www.google.com/A/IN': 2001:500:3::42#53
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:503:ba3e::2:30#53
named[71611]: lame-servers: info: error (host unreachable) resolving 'www.google.com/A/IN': 2001:503:ba3e::2:30#53
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:503:c27::2:30#53
named[71611]: lame-servers: info: error (host unreachable) resolving 'www.google.com/A/IN': 2001:503:c27::2:30#53
named[71611]: queries: info: client XXX.XXX.XXX.XXX#50168 (www.google.com): view viewname: query: www.google.com IN A + (YYY.YYY.YYY.YYY)
named[71611]: resolver: debug 1: createfetch: www.google.com A
named[71611]: query-errors: debug 1: client XXX.XXX.XXX.XXX#50168 (www.google.com): view viewname: query failed (SERVFAIL) for www.google.com/IN/A at query.c:7005 -
-
Go to Diagnostics->Edit File
Browse and Load /usr/local/pkg/bind.inc
Go towards the end of the file and add -4 as shown
Save the file and go to the BIND Server page and click Save to apply the change

function bind_write_rcfile() {
	$rc = array();
	$BIND_LOCALBASE = "/usr/local";
	$rc['file'] = 'named.sh';
	// -4 restricts named to IPv4; it appears on every named command line
	// and in the grep pattern that checks whether named is already running.
	$rc['start'] = <<<EOD
if [ -z "`ps auxw | grep "[n]amed -4 -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
	{$BIND_LOCALBASE}/sbin/named -4 -c /etc/namedb/named.conf -u bind -t /cf/named/
fi
EOD;
	$rc['stop'] = <<<EOD
killall -9 named 2>/dev/null
sleep 2
EOD;
	$rc['restart'] = <<<EOD
if [ -z "`ps auxw | grep "[n]amed -4 -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
	{$BIND_LOCALBASE}/sbin/named -4 -c /etc/namedb/named.conf -u bind -t /cf/named/
else
	killall -9 named 2>/dev/null
	sleep 3
	{$BIND_LOCALBASE}/sbin/named -4 -c /etc/namedb/named.conf -u bind -t /cf/named/
fi
EOD;
	// ... remainder of bind_write_rcfile() unchanged
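
To check from the log whether the failures are limited to IPv6 upstreams, before and after adding -4, the following is an added example, not code from either post or from the pfSense BIND package. The function names are hypothetical and the embedded log lines are constructed in the format quoted in the question; pipe the real named log into `diagnose` instead of `sample_log`.

```shell
#!/bin/sh
# Added example: tally named "lame-servers" errors by upstream address family.

# Constructed sample in the log format quoted in the question; the
# 192.0.2.x / 198.51.100.x addresses are documentation placeholders.
sample_log() {
cat <<'EOF'
named[71611]: resolver: debug 1: createfetch: www.google.com A
named[71611]: lame-servers: info: error (host unreachable) resolving 'www.google.com/A/IN': 2001:500:2::c#53
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:500:2::c#53
named[71611]: lame-servers: info: error (host unreachable) resolving './NS/IN': 2001:7fd::1#53
named[71611]: lame-servers: info: error (connection refused) resolving 'example.org/A/IN': 192.0.2.53#53
named[71611]: query-errors: debug 1: client 198.51.100.7#50168 (www.google.com): view viewname: query failed (SERVFAIL) for www.google.com/IN/A at query.c:7005
EOF
}

# stdin: named log lines.
# stdout: "v6_unreachable v4_unreachable other_errors servfail"
tally_upstream_errors() {
    awk '
    / lame-servers: .* error \(/ {
        addr = $NF                      # last field is "address#port"
        sub(/#[0-9]+$/, "", addr)
        if ($0 !~ /error \((host|network) unreachable\)/) other++
        else if (index(addr, ":") > 0) v6++   # a colon only occurs in IPv6 literals
        else v4++
    }
    /query failed \(SERVFAIL\)/ { servfail++ }
    END { printf "%d %d %d %d\n", v6, v4, other, servfail }'
}

# Turns the tally into a one-word verdict.
diagnose() {
    set -- $(tally_upstream_errors)
    if [ "$1" -gt 0 ] && [ "$2" -eq 0 ]; then
        echo "ipv6-only"         # only IPv6 upstreams unreachable: -4 addresses this
    elif [ "$2" -gt 0 ]; then
        echo "ipv4-unreachable"  # IPv4 upstreams fail as well: check routing and firewall rules
    else
        echo "none"              # no unreachable upstreams logged
    fi
}

sample_log | diagnose
```

After named has been restarted with -4, a fresh log should yield `none`; `ipv4-unreachable` points at a routing or firewall problem that the flag does not solve.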