DNS query problem

Hi all!

I am fighting against a DNS resolution problem. I solved part of it thanks to the help of this great community, but I still have some remaining issues.

I run openwrt 19.07.7.

After a few hours of uptime, the DNS cache on one of my devices contains only IPv6 addresses for "www.apple.com".

Here's how I see this:

$dscacheutil -q host -a name www.apple.com
name: e6858.dscx.akamaiedge.net
alias: www.apple.com www.apple.com.edgekey.net www.apple.com.edgekey.net.globalredir.akadns.net 
ipv6_address: 2a02:26f0:7400:1ac::1aca
ipv6_address: 2a02:26f0:7400:1ad::1aca

(no IPv4 addresses).

Just after a reboot of the device (running macOS BigSur), IPv4 and IPv6 addresses are populated :

$dscacheutil -q host -a name www.apple.com
name: e6858.dscx.akamaiedge.net
alias: www.apple.com www.apple.com.edgekey.net www.apple.com.edgekey.net.globalredir.akadns.net 
ipv6_address: 2a02:26f0:7400:1ac::1aca
ipv6_address: 2a02:26f0:7400:1ad::1aca

name: e6858.dscx.akamaiedge.net
alias: www.apple.com www.apple.com.edgekey.net www.apple.com.edgekey.net.globalredir.akadns.net 
ip_address: 2.21.169.157

Because my network configuration does not support IPv6, that means I cannot access www.apple.com, creating all sorts of problems.

Here's what I noticed :

dig and traceroute work, even when dscacheutile does not show IPv4 addresses :

dig www.apple.com

; <<>> DiG 9.10.6 <<>> www.apple.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36031
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.apple.com.			IN	A

;; ANSWER SECTION:
www.apple.com.		1784	IN	CNAME	www.apple.com.edgekey.net.
www.apple.com.edgekey.net. 21584 IN	CNAME	www.apple.com.edgekey.net.globalredir.akadns.net.
www.apple.com.edgekey.net.globalredir.akadns.net. 3584 IN CNAME	e6858.dscx.akamaiedge.net.
e6858.dscx.akamaiedge.net. 4	IN	A	2.21.169.157

;; Query time: 57 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Oct 23 12:05:14 BST 2021
;; MSG SIZE  rcvd: 192

Flushing the DNS cache does not solve the problem. A new DNS query only returns IPv6 addersses.

I ran tcpdump -i any port 53 on the openwrt router when making the dns query and saw this:

$tcpdump -i any port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
11:59:34.585015 IP MyDevice.MyDomain.61411 > dns.google.53: 54119+ AAAA? www.apple.com. (31)
11:59:34.585015 IP MyDevice.MyDomain.61411 > dns.google.53: 54119+ AAAA? www.apple.com. (31)
11:59:34.585811 IP localhost.46447 > localhost.53: 22456+ PTR? 146.3.168.192.in-addr.arpa. (44)
11:59:34.614684 IP bl4-166-221.dsl.telepac.pt.59649 > 1.1.1.2.53: 35284+ AAAA? www.apple.com. (31)
11:59:34.614843 IP localhost.53 > localhost.46447: 22456* 1/0/0 PTR MyDevice.MyDomain. (77)
11:59:34.616282 IP localhost.37958 > localhost.53: 62251+ PTR? 221.166.193.81.in-addr.arpa. (45)
11:59:34.616412 IP localhost.53 > localhost.37958: 62251 1/0/0 PTR bl4-166-221.dsl.telepac.pt. (85)
11:59:34.619103 ethertype IPv4, IP 1.1.1.2.53 > bl4-166-221.dsl.telepac.pt.59649: 35284 5/0/0 CNAME www.apple.com.edgekey.net., CNAME www.apple.com.edgekey.net.globalredir.akadns.net., CNAME e6858.dscx.akamaiedge.net., AAAA 2a02:26f0:7400:1ad::1aca, AAAA 2a02:26f0:7400:1ac::1aca (221)
11:59:34.619103 IP 1.1.1.2.53 > bl4-166-221.dsl.telepac.pt.59649: 35284 5/0/0 CNAME www.apple.com.edgekey.net., CNAME www.apple.com.edgekey.net.globalredir.akadns.net., CNAME e6858.dscx.akamaiedge.net., AAAA 2a02:26f0:7400:1ad::1aca, AAAA 2a02:26f0:7400:1ac::1aca (221)
11:59:34.629546 IP dns.google.53 > MyDevice.MyDomain.61411: 54119 5/0/0 CNAME www.apple.com.edgekey.net., CNAME www.apple.com.edgekey.net.globalredir.akadns.net., CNAME e6858.dscx.akamaiedge.net., AAAA 2a02:26f0:7400:1ad::1aca, AAAA 2a02:26f0:7400:1ac::1aca (221)
11:59:34.629573 IP dns.google.53 > MyDevice.MyDomain.61411: 54119 5/0/0 CNAME www.apple.com.edgekey.net., CNAME www.apple.com.edgekey.net.globalredir.akadns.net., CNAME e6858.dscx.akamaiedge.net., AAAA 2a02:26f0:7400:1ad::1aca, AAAA 2a02:26f0:7400:1ac::1aca (221)

Does anyone know why my dns resolution does not include IPv4? Can I force this?

It looks to me that your device is asking for the IPv6 address... why would it do that, if you do not have an IPv6 network?

That's a great question. I have no idea. Do you know how to configure this on a mac by any chance?

The problem went away by changing the settings in System Preferences/Network/TCP/IPv6 from "automatic" to "off".

Hopefully the problem does not come back, but it seems quite promising so far.

Thanks @eduperez, your comment pointed me in the right direction.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.