berturion Posted January 24, 2016 Share Posted January 24, 2016 Hello, My problem is that curl tries to use ipv6 to resolve DNS entries and my home modem-router doesn't handle ipv6 so curl fails and fallbacks to ipv4. The process lasts 10 to 15 seconds because of this. For example (38s - 23s = 15s to resolve hostname): $ curl -v --trace-time https://api.owncloud.com 15:53:23.053958 * Rebuilt URL to: https://api.owncloud.com/ 15:53:23.055233 * Hostname was NOT found in DNS cache 15:53:38.583565 * Trying 85.25.74.45... 15:53:38.803420 * Connected to api.owncloud.com (85.25.74.45) port 443 (#0) And if I add '-4' option (only a few milliseconds): $ curl -4 -v --trace-time https://api.owncloud.com 15:54:43.543512 * Rebuilt URL to: https://api.owncloud.com/ 15:54:43.544649 * Hostname was NOT found in DNS cache 15:54:43.574628 * Trying 85.25.74.45... 15:54:43.792575 * Connected to api.owncloud.com (85.25.74.45) port 443 (#0) I try to make curl use ipv4 by default. I changed /etc/gai.conf and uncommented this line: precedence ::ffff:0:0/96 100 But it seems that it is ignored. So I tried to completely disable ipv6 protocol. I added to /etc/sysctl.conf these lines: net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv6.conf.eth0.disable_ipv6 = 1 After reboot, same thing. Then I blacklisted ipv6 in a brand new /etc/modprobe.d/blacklist.conf file: blacklist ipv6 After reboot, same issue. I deleted all entries in /etc/hosts file relative to ipv6 address. After reboot, same issue. A method consists in disabling ipv6 with /etc/default/grub, but does Armbian uses grub ? update-grub command is not recognized. Though, it seems that ipv6 is really disabled: $ cat /proc/sys/net/ipv6/conf/all/disable_ipv6 1 $ man -k ipv6 | egrep gai | wc -l 0 $ cat /proc/net/if_inet6 (returns nothing) $ route -A inet Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default sagembox.home 0.0.0.0 UG 0 0 0 eth0 192.168.24.0 * 255.255.255.0 U 0 0 0 eth0 $ route -A inet6 Kernel IPv6 routing table Destination Next Hop Flag Met Ref Use If ::/0 :: !n -1 1 63 lo ::/0 :: !n -1 1 63 lo I still have ipv6 connections: $ netstat -tupvnl | grep -e 'tcp6\|udp6' tcp6 0 0 :::41921 :::* LISTEN 1575/rpc.mountd tcp6 0 0 :::2049 :::* LISTEN - tcp6 0 0 :::37346 :::* LISTEN 1575/rpc.mountd tcp6 0 0 :::33253 :::* LISTEN - tcp6 0 0 :::58245 :::* LISTEN 1147/rpc.statd tcp6 0 0 :::139 :::* LISTEN 2567/smbd tcp6 0 0 :::111 :::* LISTEN 1119/rpcbind tcp6 0 0 :::44438 :::* LISTEN 1575/rpc.mountd tcp6 0 0 :::445 :::* LISTEN 2567/smbd udp6 0 0 :::52456 :::* 1575/rpc.mountd udp6 0 0 :::50925 :::* 1575/rpc.mountd udp6 0 0 :::31549 :::* 1062/dhclient udp6 0 0 :::870 :::* 1119/rpcbind udp6 0 0 :::2049 :::* - udp6 0 0 :::39428 :::* 1147/rpc.statd udp6 0 0 :::111 :::* 1119/rpcbind udp6 0 0 :::123 :::* 2108/ntpd udp6 0 0 :::42127 :::* 1575/rpc.mountd udp6 0 0 :::42153 :::* - I can't find a way to make curl using ipv4 DNS resolving only... Need help... Link to comment Share on other sites More sharing options...
tkaiser Posted January 24, 2016 Share Posted January 24, 2016 Why not just using 'alias curl=/usr/bin/curl -4' then? Link to comment Share on other sites More sharing options...
berturion Posted January 24, 2016 Author Share Posted January 24, 2016 Why not, I didn't know that. In which file should I write this ? Is it system wide ? Does php5-curl calls use this ? Link to comment Share on other sites More sharing options...
zador.blood.stained Posted January 24, 2016 Share Posted January 24, 2016 @berturion If I understood your problem correctly, you already don't have IPv6 address on your network interface, but various application still request both A and AAAA DNS records, and DNS forwarder on your modem/router doesn't handle AAAA requests well. Assuming your router/modem doesn't run OpenWRT now, I would suggest using DNS proxy on your device, i.e. dnsmasq. Configuring it can be a little bit tricky, but in the end is should work. @tkaiser's solution will work, but only for curl. Link to comment Share on other sites More sharing options...
tkaiser Posted January 24, 2016 Share Posted January 24, 2016 To be set system wide you could write this to /etc/profile (have a look in there what other files will be read out and where stuff could be defined) Link to comment Share on other sites More sharing options...
berturion Posted January 24, 2016 Author Share Posted January 24, 2016 Thanks for your help. I added 'alias curl=/usr/bin/curl -4' in /etc/profile, logged out and logged in, but it seems that it is ignored. I also tried with 'alias curl="/usr/bin/curl -4"', also ignored. Since, my use case is a php-curl call, I am not sure that it can be achieve like that. Dnsmasq was the solution I wanted to avoid because of so much work. But if this is my only option... Link to comment Share on other sites More sharing options...
zador.blood.stained Posted January 24, 2016 Share Posted January 24, 2016 Sorry, just checked. dnsmasq is a perfect solution for disabling per-host and per-domain AAAA queries, but there is no option to make it happen for all domains, at least without recompiling it. Since, my use case is a php-curl call, I am not sure that it can be achieve like that. If php is running as a service, then logging out and back in won't update its environment. However, quick googling shows that php-curl has some configurable options: https://secure.php.net/manual/en/function.curl-setopt.php Search there for "CURL_IPRESOLVE_V4" Link to comment Share on other sites More sharing options...
berturion Posted January 25, 2016 Author Share Posted January 25, 2016 Ok. I re-enabled ipv6 on my machine and simply added these lines to /etc/dhcp/dhclient.conf: prepend domain-name-servers 79.133.43.124;prepend domain-name-servers 85.25.105.193; Since then, DNS resolving is done by my local server with opennic nameservers and not my modem-router which fails. Resolving lasts now 500ms long. Much better.The real problem was a bad local network configuration. I think my thread isn't so useful. Thanks for your help Link to comment Share on other sites More sharing options...
Recommended Posts