Thanks. Yes, the modules are disabled via /etc/modprobe.conf: alias net-pf-10 off alias ipv6 off The issue at stake here is not queries timing out, as these aren't even external network queries, it's the queries being sent to begin with. We have thousands of CentOS 5 boxes all doing 3 or more IPv6 DNS queries for 1 IPv4 host. These aren't wanted or needed on the network, and it's causing a large amount of unneeded traffic and strain on our DNS servers. We need the traffic to go away, we don't want any IPv6 DNS queries at all, as they are useless to us. They should not be sent when IPv6 is disabled in both networking and kernel modules, and no IPv6 address exists on the interfaces, yet they still are. I'm unsure how enabling IPv6 via /etc/sysconfig/network is going to make the IPv6 DNS queries stop, but I tried it anyway: [root@hostname1 sysconfig]# nano -w network [root@hostname1 sysconfig]# service network restart Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] FATAL: Module off not found. CRITICAL : [ipv6_test] Kernel is not compiled with IPv6 support Bringing up loopback interface: [ OK ] Bringing up interface eth0: [ OK ] FATAL: Module off not found. CRITICAL : [ipv6_test] Kernel is not compiled with IPv6 support Re-enabling the IPv6 kernel modules will just put us back to where we were to begin with. Any other ideas on how to make the AAAA queries stop? On 4/4/2011 12:10 PM, Brunner, Brian T. wrote: > centos-bounces@xxxxxxxxxx wrote: >> Thank you, but unfortunately this is a different issue. These boxes do >> not run bind, they resolve their DNS queries via dedicated bind >> servers on the network. Configuring the bind servers on the network a >> different way still would not stop the IPv6 traffic I am showing in >> the TCP dump from being sent. > Things described in the bug report are > > Adding > NETWORKING_IPV6=yes > to /etc/sysconfig/network > prevents the queries to root nameservers with IPv6 addresses > timing out. > > And > > alias net-pf-10 off to /etc/modprobe.conf > > Have you tried both of them? > >> On 4/4/2011 11:54 AM, Stephen Harris wrote: >>> On Mon, Apr 04, 2011 at 11:34:25AM -0500, Russell Jones wrote: >>>> [root@hostname1 ~]# tcpdump -vvvvv 'port 53' >>>> tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture >>>> size 96 bytes >>>> >>>> 11:07:24.989304 IP (tos 0x0, ttl 64, id 65039, offset 0, flags >>>> [DF], proto: UDP (17), length: 60) hostname1.59725> >>>> vdns1-hc.example.com.domain: [bad udp cksum 2bd2!] 26130+ AAAA? >>>> hostname2.example.com. (32) >>> Check https://bugzilla.redhat.com/show_bug.cgi?id=140528 and see if >>> that resolves your issue. >>> >> _______________________________________________ >> CentOS mailing list >> CentOS@xxxxxxxxxx >> http://lists.centos.org/mailman/listinfo/centos > > > Insert spiffy .sig here: > Life is complex: it has both real and imaginary parts. > > //me > ******************************************************************* > This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom > they are addressed. If you have received this email in error please > notify the system manager. This footnote also confirms that this > email message has been swept for the presence of computer viruses. > www.Hubbell.com - Hubbell Incorporated** > > _______________________________________________ > CentOS mailing list > CentOS@xxxxxxxxxx > http://lists.centos.org/mailman/listinfo/centos > _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos