Re: exim4 floods dns (and its log) with AAAA queries, though NO ipv6 avail

dummy@example.com (dave) — Tue, 12 Nov 2024 20:06:25 +0000

I know it's been awhile since this was posted, but to hopefully close the circle...

In my (monolithic) /etc/exim4/exim4.conf I have 2 lines which may be relevant:

#9. disable any ipv6. Use only IPV4 lookup
disable_ipv6 = true
dns_ipv4_lookup = *

This is on an IPv4 only system.

exim4 floods dns (and its log) with AAAA queries, though NO ipv6 avail

dummy@example.com (webman) — Tue, 09 Jan 2024 04:02:33 +0000

Hello!

Wondering, why my DNS log (dnsmasq) is that large and took an tcpdump.
Easy to see, that my new devuan daedalus (running in KVM) causes this,
but the root cause is not easy to find.

Now, that I have Systemtap made running, this is a snip.

stap /ops/monits/watchport53.stp 
exim4[15354] sent packet to 192.168.26.254:53
exim4[15354] sent packet to 192.168.26.254:53
exim4[15364] sent packet to 192.168.26.254:53

So, exim4 ist the beast - dnsmasq shows:

04:55:07 dnsmasq[236175]: 3981 192.168.99.58/35315 query[AAAA] devu5test.home.local from 192.168.26.58
04:55:07 dnsmasq[236175]: 3981 192.168.99.58/35315 config devu5test.home.local is NODATA-IPv6
04:55:07 dnsmasq[236175]: 3981 192.168.99.58/36463 query[AAAA] devu5test1kvm from 192.168.26.58
04:55:07 dnsmasq[236175]: 3981 192.168.99.58/36463 config devu5test1kvm is NODATA-IPv6

The hit to this is the fact, that it queries for its own host, which
does not have any ipv6 address (disabled by kernel commandline)
and no ipv6 addresses in hosts.
The other importent problem with this is, that it makes dns-log checks a pain.

Note (later added): I've removed the ipv6 address from exim's config.

How can I stop this dirty packet flood?

Thanks,
Manfred

Dev1 Galaxy Forum / exim4 floods dns (and its log) with AAAA queries, though NO ipv6 avail

Re: exim4 floods dns (and its log) with AAAA queries, though NO ipv6 avail

exim4 floods dns (and its log) with AAAA queries, though NO ipv6 avail