On 28/08/2013 1:41 a.m., Michael Graham wrote:
Hi all, It's been a while since anyone asked this on the list so I thought I'd ask again. What it the recommended steps if a site's AAAA is completely broken? For example ondemand5.com fails as SERVFAIL after 2-4 secs. Disabling ipv6 in proc isn't enough to stop squid doing the AAAA lookup and it looks like I will need to pass ipv6.disable=1 to the kernel on startup to stop the lookup. The other option is that I can contact the admin for this dns server and tell them that there dns server is broken. What other options do I have for handling sites that have broken AAAA records?
What problem is it causing you exactly? Squid getting a SERVFAIL means it goes on and uses the IPv4 addresses instead.
NP: It is worth noting that this SERVFAIL happens on *less* IPv6-enabled sites overall than on IPv4-enabled ones. About 0.01% of IPv6 sites last time it was measured by APNIC researchers, and things have been steadily improving. Disabling access to IPv6 networks *entirely* for all your customers is a bit of overkill for that type of error rate.
Amos