Bug 501698

Summary: improvement to default config, disable ipv6
Product: [Fedora] Fedora EPEL Reporter: Noa Resare <noa>
Component: unboundAssignee: Paul Wouters <pwouters>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: el5CC: pwouters
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-05-20 17:11:06 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Noa Resare 2009-05-20 11:46:45 UTC 
Description of problem:
The default configuration shipped with unbound has ipv6 enabled. Unless you
are one of the lucky few that has ipv6 configured your syslog will get spammed
with notices related to unreachable ipv6 addresses. Since people using ipv6
presumably know what they are doing, disabling it in the default config seems
perfectly reasonable in the next few years.

Version-Release number of selected component (if applicable):
unbound-1.2.0-4

How reproducible:
always

Steps to Reproduce:
1. install unbound
2. start it up
3. resolve something connecting to localhost ($ dig @localhost www.redhat.com)
  
Actual results:
lots and lots of lines in /var/log/syslog for each unbound request of the following pattern: 

May 20 13:42:57 viktor unbound: [16389:1] notice: sendto failed: Network is unreachable
May 20 13:42:57 viktor unbound: [16389:1] notice: remote address is 2001:503:231d::2:30 port 53
May 20 13:42:57 viktor unbound: [16389:1] notice: error sending query to auth server; skip this address
May 20 13:42:57 viktor unbound: [16389:1] notice: error for address: 2001:503:231d::2:30 port 53


Expected results:
not being able to connect to ipv6 hosts should be the norm, and the syslog should be quiet about that

Additional info:
I have found that adding "do-ip6: no" to the appropriate place in /etc/unbound/unbound.conf resolves this
Comment 1 Paul Wouters 2009-05-20 17:11:06 UTC 
This is being addressed upstream. It's either fixed in 1.2.1 or 1.3.0.