#1 2024-01-09 04:02:33


exim4 floods dns (and its log) with AAAA queries, though NO ipv6 avail


Wondering why my DNS log (dnsmasq) is that large, I took a tcpdump.
Easy to see that my new Devuan daedalus (running in KVM) causes this,
but the root cause is not easy to find.

Now that I have SystemTap running, this is a snippet.

stap /ops/monits/watchport53.stp 
exim4[15354] sent packet to
exim4[15354] sent packet to
exim4[15364] sent packet to

So, exim4 is the beast - dnsmasq shows:

04:55:07 dnsmasq[236175]: 3981 query[AAAA] devu5test.home.local from
04:55:07 dnsmasq[236175]: 3981 config devu5test.home.local is NODATA-IPv6
04:55:07 dnsmasq[236175]: 3981 query[AAAA] devu5test1kvm from
04:55:07 dnsmasq[236175]: 3981 config devu5test1kvm is NODATA-IPv6

The point here is the fact that it queries for its own host, which
does not have any IPv6 address (disabled by kernel command line)
and has no IPv6 addresses in hosts.
The other important problem with this is that it makes DNS log checks a pain.

Note (later added): I've removed the ipv6 address from exim's config.

How can I stop this dirty packet flood?
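
An added example, not part of the original post: for the log-check pain described above, a small Python filter that pairs each query[AAAA] line with its NODATA-IPv6 answer, counts the pairs per client and name, and returns the remaining log lines. The sample log is constructed in the layout quoted in the post; the addresses 192.0.2.10 and 192.0.2.53 and the name mail.example.org are placeholders.

```python
import re
from collections import Counter

# Constructed sample in the layout quoted in the post (placeholder addresses).
SAMPLE_LOG = """\
04:55:07 dnsmasq[236175]: 3981 query[AAAA] devu5test.home.local from 192.0.2.10
04:55:07 dnsmasq[236175]: 3981 config devu5test.home.local is NODATA-IPv6
04:55:07 dnsmasq[236175]: 3982 query[AAAA] devu5test1kvm from 192.0.2.10
04:55:07 dnsmasq[236175]: 3982 config devu5test1kvm is NODATA-IPv6
04:55:08 dnsmasq[236175]: 3983 query[A] mail.example.org from 192.0.2.10
04:55:08 dnsmasq[236175]: 3983 forwarded mail.example.org to 192.0.2.53
04:55:09 dnsmasq[236175]: 3984 query[AAAA] devu5test.home.local from 192.0.2.10
04:55:09 dnsmasq[236175]: 3984 config devu5test.home.local is NODATA-IPv6
"""

# Groups: serial, action, name, value (client address or answer; may be empty).
LINE = re.compile(r"dnsmasq\[\d+\]: (\d+) (\S+) (\S+) (?:from|is|to) ?(\S*)")


def triage(log_text):
    """Split a dnsmasq query log into (AAAA/NODATA counts, remaining lines)."""
    lines = log_text.splitlines()
    parsed = [LINE.search(line) for line in lines]
    # Pass 1: (serial, name) pairs answered with NODATA-IPv6. Keying on both
    # fields copes with one serial being logged for two names.
    nodata = {(m[1], m[3]) for m in parsed if m and m[4] == "NODATA-IPv6"}
    noise, kept = Counter(), []
    # Pass 2: count and drop the matching query/answer pairs, keep the rest.
    for line, m in zip(lines, parsed):
        if m and (m[1], m[3]) in nodata:
            if m[2] == "query[AAAA]":
                noise[(m[4] or "unknown", m[3])] += 1
                continue
            if m[4] == "NODATA-IPv6":
                continue
        kept.append(line)  # unparsed lines and all other traffic stay visible
    return noise, kept


if __name__ == "__main__":
    noise, kept = triage(SAMPLE_LOG)
    for (client, name), count in noise.most_common():
        print(f"{count:4d} AAAA/NODATA-IPv6  {name}  (client {client})")
    print("\n".join(kept))
```
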


