Red Hat Bugzilla – Bug 161012
IPv6 enabled on default, hangs when sending DNS requests
Last modified: 2007-11-30 17:11:08 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4
Description of problem:
IPv6 is enabled by default in FC4, and a lot of old routers do not support it. As a result, DNS Lookups take forever, because each time a DNS request is made, it takes a while to figure out that it has to fall back on IPv4. More importantly, there is no easy way within the GUI to disable IPv6. Ofcourse, a method in doing this would be editing /etc/modprobe.conf and adding "alias net-pf-10 off". I believe this is a signficant bug, because many newbies who aren't familiar with linux will not know how to fix this problem, and got back to Windows...
Version-Release number of selected component (if applicable):
Steps to Reproduce:
use a router that doesn't support IPv6
Actual Results: Browser hangs while looking up DNS, takes time to fall back on IPv4
Expected Results: There shoudl be an option to disable IPv6 withing GUI, or perhaps something to detect if IPv6 is not supported.
Sorry for the delay in processing this bug - I just got back from
This has nothing to do with the DHCPv6 package, which is for obtaining
IPv6 addresses and router subnet delegations with DHCP - if you had
been using it, IPv6 must have been enabled on your network; if you
are using it and your network has no IPv6 router, you are asking for
this type of problem - if this is the case, disable dhcpv6 and the
problem should go away - if not, read on.
You do not need to disable IPv6 - by default, the glibc resolver
should be asking for IPv4 addresses before IPv6 addresses.
So it appears you may have a problem with the glibc resolver,
or with your nameservers.
Please supply some further information :
1. Do you have an "options inet6" statement in /etc/resolv.conf ?
If so, remove it - this makes the glibc resolver always query
for AAAA addresses first.
If not, the problem is likely to be with your nameservers.
2. Do you know what version of BIND your nameservers use?
Old nameservers (prior to 9.3.0 / 9.2.5) have a problem with
timing out when root nameservers provide their IPv6 addresses
before their IPv4 addresses ( bug 140528 ) when not connected
to the IPv6 backbone. If you can, get your nameserver operators
to upgrade their nameservers.
3. If neither (1) nor (2) apply, please collect this information:
As root, run the command:
# tcpdump -nl -vvv -s 2048 port domain 2>&1 | tee /tmp/tcpdump.log&
Then reproduce the timeout problem with your browser. Once you
have reproduced it, then :
# pkill tcpdump
and append the /tmp/tcpdump.log file to this bug report.
You may also workaround the problem by installing the latest bind-*
and caching-nameserver packages, and doing:
# chkconfig --level=2345 named on; chkconfig --level=016 named off;
# echo 'supersede domain-name-servers 127.0.0.1;' \
# service named start
# ifdown eth0; ifup eth0
You'll then be using bind as a caching only nameserver, which will
attempt to contact the root nameservers directly and which does not
have the IPv6 timeout problem . NOTE: to do this, any firewalls must
allow your machine UDP port 53 access to the external internet.
I hope the above helps - if not, please let me know - thank you!
I cannot reproduce this problem, and the further information requested was not
forthcoming. If it is still an issue for you, please supply the requested
information and re-open this bug - closing it out as non-reproducible for now.