We had an issue with DNS lookup/Querying the whois servers(Example: whois.crsnic.net) while Domain Search/Registration for any TLDs through WHMCS, Domain Manager etc. The tool/system used to timeout whenever the users searched a domain for availability.
We found the following via CLI when telnet’ing to the whois server directly.
[root@host ~]# telnet whois.crsnic.net 43 Trying 2620:74:20::30... telnet: connect to address 2620:74:20::30: Connection refused Trying 2620:74:21::30... telnet: connect to address 2620:74:21::30: Connection refused Trying 126.96.36.199... Connected to whois.crsnic.net. Escape character is '^]'.
The above indicates it attempts IPv6 DNS lookup first but the whois server doesn’t support or provide it, later our server tries IPv4 DNS lookup and it worked.
The system by default uses AAAA(IPv6) DNS lookups before IPv4 according to the default precedence blocks in /etc/gai.conf (gai stands for getaddrinfo, the standard system call for resolving host names).
As many prefer to disable IPv6 completely and it is not a good solution on the servers which require IPv6 for other purposes, we can try an alternative solution by giving precedence to IPv4 over IPv6 without disabling IPv6.
This is done by changing “
precedence ::ffff:0:0/96 10" to “
precedence ::ffff:0:0/96 100" in the config file /etc/gai.conf. Check whole /etc/gai.conf to read and understand.
[root@host ~]# grep "::ffff:0:0/96" /etc/gai.conf #label ::ffff:0:0/96 4 #precedence ::ffff:0:0/96 10 precedence ::ffff:0:0/96 100
If you do not have a /etc/gai.conf(which controls the getaddrinfo() call), you should have an example somewhere within /usr/share/doc (on Centos/RHEL, it is at /usr/share/doc/glibc-common-X.XX.XX/gai.conf) which you can copy over to /etc/gai.conf.
Mine was at:
[root@host ~]# rpm -qa glibc* glibc-common-2.17-260.el7_6.6.x86_64 glibc-2.17-260.el7_6.6.x86_64 glibc-headers-2.17-260.el7_6.6.x86_64 glibc-devel-2.17-260.el7_6.6.x86_64 [root@host ~]# ll /usr/share/doc/glibc-common-2.17/gai.conf -rw-r--r--. 1 root root 2584 Jul 3 15:25 /usr/share/doc/glibc-common-2.17/gai.conf [root@host ~]# cp -pv /usr/share/doc/glibc-common-2.17/gai.conf /etc/ ‘/usr/share/doc/glibc-common-2.17/gai.conf’ -> ‘/etc/gai.conf’
Then it started working fine by giving preference to IPv4 over IPv6.
[root@host ~]# telnet whois.crsnic.net 43 Trying 188.8.131.52... Connected to whois.crsnic.net. Escape character is '^]'. Connection closed by foreign host.