Mixing Business with Pleasure since 1999

How to Disable ipv6 for Bind on Debian


For those of you who don't use IPv6 yet, there's a chance it's still enabled on your system. This isn't really a bad thing, but the log files might get some extra unnecessary cruft in them.

I found this to be true with bind; I was seeing a lot of these errors in my logs:

error (network unreachable) resolving 'elb078639-549105283.us-east-1.elb.amazonaws.com/A/IN': 2600:9000:5307:100::1#53

and found it was caused by IPv6 being enabled in bind. A quick Google search will lead you to modifying the startup file /etc/default/bind9 with OPTIONS="-4 -u bind", but for some reason this doesn't work. It's because there's a bug in the Debian bind systemd file, which ignores these options. Actually, using /etc/default/bind9 is deprecated for systemd; where they want us to put runtime configuration now is beyond me.

As a quick fix, you could replace the ExecStart line in /lib/systemd/system/bind9.service with ExecStart=/usr/sbin/named -f -4 -u bind, but this might get overwritten by a new package release.

Here's another workaround, which was suggested in the linked thread above:

mkdir -p /etc/systemd/system/bind9.service.d

printf '[Service]\nExecStart=\nExecStart=/usr/sbin/named -4 -f -u bind\n' > /etc/systemd/system/bind9.service.d/local.conf

systemctl reenable bind9.service

This is a more permanent solution and will not get overwritten.

There's one more file you need to modify to prevent bind from querying IPv6: edit /etc/bind/named.conf.options and comment out the line listen-on-v6 { any; };

Now you can reload the systemd daemon and restart bind with:
systemctl daemon-reload
systemctl restart bind9.service
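
Why the empty ExecStart= line in the drop-in matters, as an added example that is not part of the original post: a simplified shell model of how systemd merges ExecStart from a unit file and its drop-ins, run on constructed sample files in a temp directory. The function names effective_execstart, ipv4_only_check and demo are hypothetical.

```shell
#!/bin/sh
# Added example. Simplified model of systemd's merge: only ExecStart= lines are
# read; an empty "ExecStart=" clears earlier entries, any other value appends.
# Variables such as $OPTIONS from an EnvironmentFile are not expanded.

# effective_execstart UNIT_FILE [DROPIN_DIR]: print the resulting commands.
effective_execstart() {
    unit=$1; dropin_dir=${2:-}
    set -- "$unit"
    if [ -n "$dropin_dir" ] && [ -d "$dropin_dir" ]; then
        for f in "$dropin_dir"/*.conf; do      # drop-ins apply in lexical order
            if [ -f "$f" ]; then set -- "$@" "$f"; fi
        done
    fi
    awk '/^ExecStart=/ {
             val = substr($0, 11)              # text after "ExecStart="
             if (val == "") n = 0; else cmds[++n] = val
         }
         END { for (i = 1; i <= n; i++) print cmds[i] }' "$@"
}

# ipv4_only_check UNIT_FILE [DROPIN_DIR]: 0 if one ExecStart remains and has -4.
ipv4_only_check() {
    cmds=$(effective_execstart "$@")
    count=$(printf '%s\n' "$cmds" | grep -c . || true)
    if [ "$count" -ne 1 ]; then
        echo "FAIL: $count ExecStart entries, a non-oneshot service needs exactly one"
        return 1
    fi
    case " $cmds " in
        *" -4 "*) echo "OK: $cmds" ;;
        *)        echo "FAIL: no -4 in: $cmds"; return 1 ;;
    esac
}

# Constructed sample files in a temp dir (nothing under /etc is touched).
demo() {
    root=$(mktemp -d); mkdir -p "$root/bind9.service.d"
    printf '[Service]\nExecStart=/usr/sbin/named -f -u bind\n' > "$root/bind9.service"
    ipv4_only_check "$root/bind9.service" "$root/bind9.service.d" || true
    printf '[Service]\nExecStart=\nExecStart=/usr/sbin/named -4 -f -u bind\n' \
        > "$root/bind9.service.d/local.conf"
    ipv4_only_check "$root/bind9.service" "$root/bind9.service.d"
    rm -rf "$root"
}
demo
```

On a live host, systemctl show -p ExecStart bind9.service prints the command systemd will actually run after the drop-in is applied.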

4 Comments

  1. Matt

    Instead of modding systemd files, I found that adding the “-4” option to ‘/etc/default/bind’ works

    • jer

      Your comment is helpful, but e.g. with Debian bullseye you should use /etc/default/named and add the -4 to OPTIONS="-u bind":
      OPTIONS="-4 -u bind"

  2. james triplett

    (fairly vanilla Debian Jessie) Looking at /etc/default/bind, I found “-4” already in there. Using your suggestion about /etc/systemd/system, I eventually found Debian’s version of the file at:
    /etc/systemd/system/multi-user.target.wants/bind9.service
    Putting the “-4” in there did the trick.
    Too bad it is not as easy to simply turn on ipv6 to fix the issue…

  3. tim clarke

    Having installed a raspberry pi 4 as a firewall/cum dns server etc, I discovered
    that the file: /etc/default/bind9 is indeed the simplest item to modify;
    the line OPTIONS="-u bind"
    to OPTIONS="-4 -u bind"

    What makes life difficult is nothing seems to stay the same between OS releases !!


© 2023 Jon Kristian
