Unreachable resolving domain

bind, domain-name-system, logging

Got a strange selection of errors in my logwatch that lists a 'network unreachable resolving nsX.somedomain.com' error repeatedly. This is on an Ubuntu 9.04 Server install with latest updates using bind for DNS.

I've seen various blog posts blaming the repeated entries on SpamAssassin, but I don't have that installed.
The domains listed seem to be ones that are accessed within my network – but there's no reason my server should be attempting to resolve these – I have my ISP's name servers for that, and all my computers are configured to get DNS from the correct location.

Any ideas for a solution would be incredibly helpful – my logwatch results are getting longer and longer! I've given an example of these logs below.

    network unreachable resolving 'e.ns.lanechange.info/A/IN': 2001:500:49::1#53: 1 Time(s)
    network unreachable resolving 'e.ns.lanechange.info/AAAA/IN': 2001:500:49::1#53: 1 Time(s)
    network unreachable resolving 'echochamber.me/A/IN': 2001:4830:120:1::1#53: 1 Time(s)

I also have similar results for ROOT-SERVERS.NET.

Best Answer

It seems bind by default now tries to resolve queries recursively using IPv6. The log clearly states that bind tries to resolve recursively using IPv6, so I doubt that it isn't used for that. 2001:4830:120:1 is not reachable at least.

Add -4 to the bind command line to disable this. For Debian, this means to put

    OPTIONS="-u bind -4"

into /etc/default/bind9, don't know if it's the same in Ubuntu.
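One way to check the diagnosis above against the log itself, as an added example that is not part of the original question or answer: the function below groups logwatch's "network unreachable resolving" lines by the address family of the upstream server. The function names and the 192.0.2.53 line are constructed for illustration; the other sample lines are the ones quoted in the question.

```shell
#!/bin/sh
# Added example: summarise "network unreachable resolving" lines by the
# address family of the upstream name server that could not be reached.
# If every failure is IPv6, the host has no usable IPv6 route and
# running named with -4 (as in the answer) removes the noise.

# Reads log lines on stdin. Prints "<family> <server> <count>" per
# upstream server, then a final "total ipv4=N ipv6=M" line.
summarize_unreachable() {
    awk '
    /network unreachable resolving/ {
        # The upstream address follows ": " and ends at "#<port>".
        if (match($0, /: [0-9A-Fa-f:.]+#[0-9]+/)) {
            addr = substr($0, RSTART + 2, RLENGTH - 2)
            sub(/#[0-9]+$/, "", addr)
            # An IPv6 literal always contains a colon, an IPv4 one never does.
            fam = (index(addr, ":") > 0) ? "ipv6" : "ipv4"
            count[fam " " addr]++
            total[fam]++
        }
    }
    END {
        for (k in count) print k, count[k]
        printf "total ipv4=%d ipv6=%d\n", total["ipv4"], total["ipv6"]
    }' | LC_ALL=C sort
}

# Sample input: three lines from the question plus one constructed
# IPv4 line (192.0.2.53 is a documentation address) for contrast.
sample_log() {
    cat <<'EOF'
network unreachable resolving 'e.ns.lanechange.info/A/IN': 2001:500:49::1#53: 1 Time(s)
network unreachable resolving 'e.ns.lanechange.info/AAAA/IN': 2001:500:49::1#53: 1 Time(s)
network unreachable resolving 'echochamber.me/A/IN': 2001:4830:120:1::1#53: 1 Time(s)
network unreachable resolving 'example.test/A/IN': 192.0.2.53#53: 1 Time(s)
EOF
}

sample_log | summarize_unreachable
```

On a real host, pipe the logwatch report or the named log into `summarize_unreachable` instead of `sample_log`.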