Error Network Unreachable Resolving Named
Contents |
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have named network unreachable resolving ipv6 Meta Discuss the workings and policies of this site About Us Learn
Lame Servers Error Network Unreachable Resolving
more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us error (network unreachable) resolving ubuntu Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer site for system and network administrators. Join them; it only takes
Named Disable Ipv6
a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top (network unreachable) error in my server logs up vote 3 down vote favorite 2 I'm getting lots of network unreachable lines in my Centos' messages log file. They seem they can't error (network unreachable) resolving debian resolve to certain addresses which I do not have any ideas why my server has to resolve to them in the first place. Could anyone let me know the origin of such error? Am I under an attack? Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving './DNSKEY/IN': 2001:503:ba3e::2:30#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving './NS/IN': 2001:503:ba3e::2:30#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:500:48::1#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:4f8:0:2::19#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:2f::f#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:2f::f#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:1::803f:235#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:1::803f:235#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:503:c27::2:30#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:503:c27::2:30#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:1a::1#53 Oct 23 11:39:03 server named[1585]: error (network unreachable) resolving 'dlv.isc.org/DNSKEY/IN': 2001:4f8:0:2::20#
file (messages are slightly obfuscated to protect innocent :)): Jun 29 14:32:11 someserver named[1459]: error (network unreachable) resolving 'www.eolprocess.com/A/IN': 2001:503:a83e::2:30#53 Jun 29 14:32:11 someserver named[1459]: error (network unreachable) resolving 'www.eolprocess.com/A/IN': 2001:503:231d::2:30#53 What these messages
Ubuntu Bind Disable Ipv6
say is that network that contains address 2001:503:231d::2:30 is unreachable. So, what's happening? The
Options="-4"
problem is that all modern operating systems support IPv6 out of the box. The same is for growing number of software dnssec-enable packages, among them is BIND too. So, operating system configures IPv6 address on interface and application thinks that IPv6 works and configures it. But, IPv6 doesn't work outside of the local network (there is no http://serverfault.com/questions/639061/network-unreachable-error-in-my-server-logs IPv6 capable router) so, IPv6 addresses, unless in local networks, are unreachable. So, you might ask now: but everything otherwise works, why is this case special! Well, the problem is that some DNS servers, anywhere in hierarchy, support IPv6, but not all. And when our resolver gets IPv6 address in response, it defaults to it and ignores IPv4. It obviously can not reach it so it logs a message and http://sgros.blogspot.com/2012/06/bind-and-network-unreachable-messages.html then tries IPv4. Once again, note that this IPv6 address can pop up anywhere in hierarchy, it isn't necessary to be on the last DNS server. In this concrete case name server for eolprocess.com doesn't support IPv6, but some name server for the top level com domain do support it! To prevent those messages from appearing add option -4 to bind during startup. On CentOS (Fedora/RHEL) add or modify the line OPTIONS in /etc/sysconfig/named so that it includes option -4, i.e. OPTIONS="-4" Posted by Stjepan Groš (sgros) at 14:49 Labels: bind, centos, dns, english, fedora, ipv4, ipv6, linux, named, netadm, network unreachable, problem, resolver, sysadm Location: Zagreb, Croatia 5 comments: joebuff said... /etc/sysconfing/named should be/etc/sysconfig/named January 8, 2014 at 2:15 PM Stjepan Groš (sgros) said... Fixed. Thanks. January 8, 2014 at 9:41 PM Richard Leji said... I really appreciate ur help! April 18, 2014 at 2:27 AM Илья Окатов said... where can disable this option in ubuntu? May 22, 2014 at 3:08 PM aber hallo said... /etc/default/bind9 :-) July 2, 2014 at 9:22 AM Post a Comment Newer Post Older Post Home Subscribe to: Post Comments (Atom) About Me Stjepan Groš (sgros) scientist, consultant, security specialist, networking guy, system administrator, philosopher ;) View my complete profile Blog Archive &
network unreachable in /log/messages 6 posts / 0 new Log in or register to post comments Last post #1 Wed, 07/09/2014 - 07:46 drguild Bind 9, network unreachable in /log/messages Have a strange thing https://www.virtualmin.com/node/33657 I run virtualmin on my system has bind etc setup but I don't do any public DNS stuff its only for my local lan. I checked some logs out of interest https://ubuntuforums.org/showthread.php?t=1608673 and noticed Bind9 is spewing network unreachable messages on load. The amount of messages is too long (a few hundred lines of it) so here is the start of bind to network unreachable a few of these messages. Everything is pretty much a default install my dms enteries are my ISP ones with my server (itself) 127.0.0.1 and 192.168.1.1 listed first. My search DNS server is set as itself was set to my isp for some reason I think postfix did that as I use my external hostname which is my-static-ip.ispdomain.com.au. Apart fromt that I don't network unreachable resolving know how to fix this or turn whatever feature off if I don't need it. Any clues on this? Jul 7 20:51:42 server named[15364]: ----------------------------------------------------
Jul 7 20:51:42 server named[15364]: BIND 9 is maintained by Internet Systems Consortium,
Jul 7 20:51:42 server named[15364]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Jul 7 20:51:42 server named[15364]: corporation. Support and training for BIND 9 are
Jul 7 20:51:42 server named[15364]: available at https://www.isc.org/support
Jul 7 20:51:42 server named[15364]: ----------------------------------------------------
Jul 7 20:51:42 server named[15364]: adjusted limit on open files from 4096 to 1048576
Jul 7 20:51:42 server named[15364]: found 2 CPUs, using 2 worker threads
Jul 7 20:51:42 server named[15364]: using up to 4096 sockets
Jul 7 20:51:42 server named[15364]: loading configuration from '/etc/named.conf'
Jul 7 20:51:42 server named[15364]: reading built-in trusted keys from file '/etc/named.iscdlv.key'
Jul 7 20:51:42 server named[15364]: using default UDP/IPv4 port range: [1024, 65535]
Jul 7 20:51:42 server named[15364]: using default UDP/IPv6 port range: [1024, 65535]
Jul 7 20:51:42 server named[15364]: listening on IPv6 interfaces, port 53
Jul 7 20:51:42 server named[15364]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 7 20:51:42 server named[153
Get Kubuntu Get Xubuntu Get Lubuntu Get UbuntuStudio Get Mythbuntu Get Edubuntu Get Ubuntu-GNOME Get UbuntuKylin Ubuntu Code of Conduct Ubuntu Wiki Community Wiki Other Support Launchpad Answers Ubuntu IRC Support AskUbuntu Official Documentation User Documentation Social Media Facebook Twitter Useful Links Distrowatch Bugs: Ubuntu PPAs: Ubuntu Web Upd8: Ubuntu OMG! Ubuntu Ubuntu Insights Planet Ubuntu Activity Page Please read before SSO login Advanced Search Forum The Ubuntu Forum Community Ubuntu Specialised Support Ubuntu Servers, Cloud and Juju Server Platforms [ubuntu] bind9 attempting ipv6 on ipv4 network Having an Issue With Posting ? Do you want to help us debug the posting issues ? < is the place to report it, thanks ! Results 1 to 4 of 4 Thread: bind9 attempting ipv6 on ipv4 network Thread Tools Show Printable Version Subscribe to this Thread… Display Linear Mode Switch to Hybrid Mode Switch to Threaded Mode October 29th, 2010 #1 DrJohn999 View Profile View Forum Posts Private Message Frothy Coffee! Join Date Oct 2007 Location Hyperspace Beans 185 DistroUbuntu 14.04 Trusty Tahr bind9 attempting ipv6 on ipv4 network After upgrading from 9.10 to 10.04, a hundred or so of (for example) Code: error (network unreachable) resolving '14.42.117.203.in-addr.arpa/PTR/IN': 2001:500:13::c7d4:35#53: 1 Time(s) messages appear in syslog each day. Each URL has from 2 - 6 attempts at various ipv6 addresses. My question is why is bind9 trying to resolve ipv6 addresses? I have done nothing to enable or disable ipv6 and thought that if not explicitly enabled I would not have to be concerned with it. It's only a small niggle, but I'm curious to know what's going on. Adv Reply October 29th, 2010 #2 r00tintheb0x View Profile View Forum Posts Private Message Just Give Me the Beans! Join Date Apr 2007 Location Houston! Beans 76 DistroUbuntu Development Release Re: bind9 attempting ipv6 on ipv4 network This might help: http://ubuntu-tutorials.com/2009/03/...-or-ipv6-only/ Iff not, I think you're going to have to recompile... vi /etc/default/bind9 OPTIONS="-4 -u bind" //-4 = to use ipv4 only. I know I had to on Debian. Best Regards, r00t Adv Reply October 8th, 2012 #3 zorglubx View Profile View Forum Posts Private Message Spilled the Beans Join Date Jul 2009 Beans 12 Re: bind9 attempting ipv6 on ipv4 network Just wanted to thank you for solving my problem as well Adv Reply October 8th, 2012 #4 overdrank View Profile View Forum Posts Private Message supercalifragilisticexpia lidocious Join Date Feb 2007 Beans 23,849 DistroUbuntu 16.04 Xenial Xerus Re: bind9 attempting ipv6 on ipv4 network From the Ubuntu Forums Code of Conduct. I