> On Jul 17, 2018, at 2:29 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> The nameserver is one I run locally, and the only change it's seen lately
> is RHEL6's occasional security updates. I don't think that's where the
> issue came in.
>
> The full nameserver interaction is
>
> sendto(3,
"\x21\x86\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x09\x62\x75\x69\x6c\x64\x66\x61\x72\x6d\x0a\x70\x6f\x73\x74\x67\x72\x65\x73\x71\x6c\x03\x6f\x72\x67\x00\x00\x1c\x00\x01",
42,MSG_NOSIGNAL, NULL, 0) = 42
00 1c is AAAA, so this is requesting the AAAA for buildfarm.postgresql.org
>
> recvfrom(3,
"\x21\x86\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00\x09\x62\x75\x69\x6c\x64\x66\x61\x72\x6d\x0a\x70\x6f\x73\x74\x67\x72\x65\x73\x71\x6c\x03\x6f\x72\x67\x00\x00\x1c\x00\x01\xc0\x0c\x00\x1c\x00\x01\x00\x00\x06\xc1\x00\x10\x20\x01\x48\x00\x15\x01\x00\x01\x00\x00\x00\x00\x00\x00\x02\x17",
1024,0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 70
>
> I don't have anything handy like wireshark installed on this machine, but
> I see the hex for buildfarm's IPv6 address in that response, and *not*
> the hex for its IPv4 address. Conversely, when I try the http: URL,
> I see a different query and only the IPv4 address in the response:
>
> sendto(3,
"\xa8\x93\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x09\x62\x75\x69\x6c\x64\x66\x61\x72\x6d\x0a\x70\x6f\x73\x74\x67\x72\x65\x73\x71\x6c\x03\x6f\x72\x67\x00\x00\x01\x00\x01",
42,MSG_NOSIGNAL, NULL, 0) = 42
and 00 01 is A.
>
> recvfrom(3,
"\xa8\x93\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00\x09\x62\x75\x69\x6c\x64\x66\x61\x72\x6d\x0a\x70\x6f\x73\x74\x67\x72\x65\x73\x71\x6c\x03\x6f\x72\x67\x00\x00\x01\x00\x01\xc0\x0c\x00\x01\x00\x01\x00\x00\x01\xd5\x00\x04\xae\x8f\x23\xd9",
1024,0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, [16]) = 58
>
> It looks like Perl is specifically asking for AAAA in preference to A
> records, but only for https:. Weird.
Rather weird.
Cheers,
Steve
