bind9 on debian jessie ignores -4 in /etc/default/bind9 and tries to make lookups via ipv6

by .pQd
tech, unimportant, ,

while checking one of the servers running debian jessie i’ve noticed that logs are full of:

Nov  1 06:26:43 xxxrtr named[32117]: error (network unreachable) resolving 'ns1.linode.com/A/IN': 2400:cb00:2049:1::a29f:1b48#53
Nov  1 06:26:43 xxxrtr named[32117]: error (network unreachable) resolving 'ns4.linode.com/A/IN': 2400:cb00:2049:1::a29f:1819#53
Nov  1 06:26:43 xxxrtr named[32117]: error (network unreachable) resolving 'ns5.linode.com/A/IN': 2400:cb00:2049:1::a29f:1819#53
Nov  1 06:26:43 xxxrtr named[32117]: error (network unreachable) resolving 'ns4.linode.com/AAAA/IN': 2400:cb00:2049:1::a29f:1b48#53
Nov  1 06:26:43 xxxrtr named[32117]: error (network unreachable) resolving 'ns5.linode.com/A/IN': 2400:cb00:2049:1::a29f:1b48#53
Nov  1 06:26:43 xxxrtr named[32117]: error (network unreachable) resolving 'ns4.linode.com/A/IN': 2400:cb00:2049:1::a29f:1b48#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb3.glbdns2.microsoft.com/A/IN': 2001:503:ba3e::2:30#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb4.glbdns2.microsoft.com/A/IN': 2001:503:ba3e::2:30#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb3.glbdns2.microsoft.com/AAAA/IN': 2001:503:ba3e::2:30#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb4.glbdns2.microsoft.com/AAAA/IN': 2001:503:ba3e::2:30#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb3.glbdns2.microsoft.com/A/IN': 2001:500:2d::d#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb4.glbdns2.microsoft.com/A/IN': 2001:500:2d::d#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb3.glbdns2.microsoft.com/AAAA/IN': 2001:500:2d::d#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb4.glbdns2.microsoft.com/AAAA/IN': 2001:500:2d::d#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb3.glbdns2.microsoft.com/A/IN': 2001:500:2f::f#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb4.glbdns2.microsoft.com/A/IN': 2001:500:2f::f#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb3.glbdns2.microsoft.com/AAAA/IN': 2001:500:2f::f#53
Nov  1 06:26:47 xxxrtr named[32117]: error (network unreachable) resolving 'glb4.glbdns2.microsoft.com/AAAA/IN': 2001:500:2f::f#53

strange… didn’t i put “-4” in the /etc/default/bind9 ages ago?

# run resolvconf?
RESOLVCONF=no

# startup options for the server
OPTIONS="-f -4 -u bind"

apparently i did but ps shows that it was ignored:

bind     14931  0.1  0.9 404948 37100 ?        Ssl  11:58   0:00 /usr/sbin/named -4 -f -u bind

a bit of googling told me it’s a known problem with systemd [sic!] – the /etc/default/bind9 is ignored.

workaround?

mkdir /etc/systemd/system/bind9.service.d/
echo -e "[Service]\nExecStart=\nExecStart=/usr/sbin/named -4 -f -u bind\n" > /etc/systemd/system/bind9.service.d/local.conf
systemctl reenable bind9.service
service bind9 restart

now things look better on ps:

bind     14931  0.1  0.9 404948 37100 ?        Ssl  11:58   0:00 /usr/sbin/named -4 -f -u bind

Leave a Reply

Your email address will not be published. Required fields are marked *

(Spamcheck Enabled)