What's new

custom domains report NXDOMAIN for IPv6 DNS and fail to resolve in Alpine OS

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

icanfly

Occasional Visitor
I am using some custom domains name by editing /jffs/configs/dnsmasq.conf.add

problem is whenever I do an NSLOOKUP on one of those domains it returns NXDOMAIN for the IPV6 address even though IPv6 is disable everywhere in my network

This doesn't really cause an issue except in some of my docker containers that are running Alpine OS it sees the NXDOMAIN as an error and even though IPv6 is turned off, it won't resolve the domain name for IPv4

I reported it back to Alpine as a bug and they say its as designed and it should be reporting back as NODATA for IPv6 by the DNS Server (for which I am using the Router on Merlin as DNS) - https://gitlab.alpinelinux.org/alpine/aports/-/issues/15762

But as I said Alpine is the only OS I run which wont ignore the NXDOMAIN all my other environments, windows, debian, synology will resolve the ipv4 fine!

The workaround is to add a :: as a null ipv6 address for all my custom domains and now alpine will resolve the ipv4! Is there a way the DNS server can be updated for custom domains rto report back NODATA instead of NCDOMAIN for custom domains when there is no ipv6 address for it?

Cheers
 
But as I said Alpine is the only OS I run which wont ignore the NXDOMAIN all my other environments, windows, debian, synology will resolve the ipv4 fine!

Alpine Linux uses MUSL as the C library, so when you're using the resolver, it will behave a bit differently than glibc...

The resolver stops because the lookup fails as there is no AAAA record.

Create an AAAA record - it can be a link local address, e.g. fe80 so that the resolver doens't hang, and you can assign the IPv6 (and IPv4) in the Docker YAML file if I recall correctly - it's been a while since I've looked at Docker, so things might have changed...

Keep in mind that Docker has it's own internal DNS as well...


Something to note:

Nameservers with IPv6 addresses
If the /etc/resolv.conf file on the host system contains one or more nameserver entries with an IPv6 address, those nameserver entries get copied over to /etc/resolv.conf in containers that you run.

For containers using musl libc (in other words, Alpine Linux), this results in a race condition for hostname lookup. As a result, hostname resolution might sporadically fail if the external IPv6 DNS server wins the race condition against the embedded DNS server.

It's rare that the external DNS server is faster than the embedded one. But things like garbage collection, or large numbers of concurrent DNS requests, can sometimes result in a round trip to the external server being faster than local resolution.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top