DNS: Root hint server 2001:500:1::803f:235 must respond to NS queries for the root zone

Daniel asked:

We are using IPv4 in our company. Our ISP does not provide IPv6 and this won’t change in the next years.

The Best Practices Analyzer (BPA) of our Server 2012 R2 DNS server warns about the IPv6 DNS root hints not responding to the DNS server’s queries. Of course, as we do not have an IPv6 internet access.

I see two solutions:

  1. Ignore the warnings. As long as this does not have an impact on the speed of DNS resolutions. (Something like clients trying IPv6 first, waiting for a timeout and then trying an IPv4 name resolution.)

  2. Remove the IPv6 addressse from the root hints and add them back if we get IPv6 in the future.

Any other solutions? What should I prefer?

My answer:

That nameserver does respond to NS queries for the root zone. I just tried it. The fact that Windows is trying to contact it suggests that the operating system thinks it has IPv6 connectivity. Ensure that you haven’t got any IPv6 transition technologies enabled, specifically ISATAP, Teredo, or 6to4.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.