Bug 501698 - improvement to default config, disable ipv6
improvement to default config, disable ipv6
Product: Fedora EPEL
Classification: Fedora
Component: unbound (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Paul Wouters
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-05-20 07:46 EDT by Noa Resare
Modified: 2009-05-20 13:11 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-05-20 13:11:06 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Noa Resare 2009-05-20 07:46:45 EDT
Description of problem:
The default configuration shipped with unbound has ipv6 enabled. Unless you
are one of the lucky few that has ipv6 configured your syslog will get spammed
with notices related to unreachable ipv6 addresses. Since people using ipv6
presumably know what they are doing, disabling it in the default config seems
perfectly reasonable in the next few years.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. install unbound
2. start it up
3. resolve something connecting to localhost ($ dig @localhost www.redhat.com)
Actual results:
lots and lots of lines in /var/log/syslog for each unbound request of the following pattern: 

May 20 13:42:57 viktor unbound: [16389:1] notice: sendto failed: Network is unreachable
May 20 13:42:57 viktor unbound: [16389:1] notice: remote address is 2001:503:231d::2:30 port 53
May 20 13:42:57 viktor unbound: [16389:1] notice: error sending query to auth server; skip this address
May 20 13:42:57 viktor unbound: [16389:1] notice: error for address: 2001:503:231d::2:30 port 53

Expected results:
not being able to connect to ipv6 hosts should be the norm, and the syslog should be quiet about that

Additional info:
I have found that adding "do-ip6: no" to the appropriate place in /etc/unbound/unbound.conf resolves this
Comment 1 Paul Wouters 2009-05-20 13:11:06 EDT
This is being addressed upstream. It's either fixed in 1.2.1 or 1.3.0.

Note You need to log in before you can comment on or make changes to this bug.