If you use BIND and your system is not configured to use IPv6 then you will see the following annoying messages in your /var/log/syslog file:

named[13269]: error (network unreachable) resolving 'uk/DS/IN': 2001:500:1::803f:235#53

To resolve this you need to pass the "-4" option to /usr/sbin/named daemon.

The bind9 package historically used the /etc/default/bind9 file to allow you to configure custom options for the service.

However, Debian Jessie now uses systemd and because, unfortunately, the bind9 package maintainers did not do a good job adapting to this change, your only option for the time being seems to be to edit the /lib/systemd/system/bind9.service file to add the "-4" option and then run:

systemctl daemon-reload
service bind9 restart

It is possible that this process will need to be repeated if bind9 package is updated.

Similar instructions apply to Ubuntu LTS

heise Security

12. Dezember 2018

News und Hintergrund-Informationen zur IT-Sicherheit