m.roth at 5-cent.us wrote: > m.roth at 5-cent.us wrote: >> A few weeks ago, suddenly, reading news at lunch, I could not get to >> nytimes.com. I could ping it, and nslookup it, and if I put the IP >> address in place of the name, it was fine. >> >> After *much* back and forth over a ticket I put in, over the last week >> or so, our group figured it out: It *seemed* to be related to IPv6, and >> there's only *some* few sites, such as the Times, and Orbits, and one or >> two others I found, while, say, the Washington Post, or Huffpo, etc, >> were fine; and I could make it work by putting IPV6INIT="no" in ifcfg-eth0 >> and restarting the network, but another admin got it nailed, we *think*: >> apparently the M$-based DNS resolver's sending back extended DNS >> packets, and we gag. tcpdump saw us asking for an A record, then an AAAA record, then using search.... >> >> But putting the *very* counterintuitive option edns0 in >> /etc/resolv.conf, >> it works instantly, no caching, no nuthin'. Taking that out breaks it >> again. >> Hate to follow myself up, but here's another question: is it possible that th3e IPV6INIT="yes" in ifcfg-eth0 sets the networking into a state where it's sending *out* an edns query record, but doesn't understand the reply edns record, until we tell it to with option edns0? mark