dig: fix behavior for -6 used with IPv4-mapped IPv6 addresses
This is a spin-off from !755 (closed). Over there, @each said:
If "dig -6" is used but only v4 addresses are in resolv.conf, I would have expected it to use v4-mapped addresses instead of giving up -- that's what it does if an ipv4 address is specified on the command line with the -6 flag.
To which I replied:
What does not make sense to me, though (...), is why we attempt using IPv4-mapped IPv6 addresses when
-6
was specified. Apparently we have been doing this for the past 17 years (since da5795a3). I personally find this very confusing. The man page fordig
says:-6 Use IPv6 only.
To me, this means: "
dig
will only communicate using IPv6". But if you use-6
in conjunction with an IPv4 address, it will use IPv4 to send the query. After all, IPv4-mapped IPv6 addresses are not some kind of an IPv6 transition mechanism but merely a way of storing an IPv4 address in anAF_INET6
socket structure. To me, this looks as ifdig
fails to deliver on its promise not to use IPv4. What is the use case for doing this?
The way I read it, @ondrej agreed with me:
I think this is wrong. If -6 is specified I would expect dig to use only IPv6 to communicate with the outside.
Given the above, I propose to, at minimum, change the default in dig
from +mapped
to +nomapped
, the rationale being that dig
should not implicitly use IPv4 if -6
was explicitly specified, but it is okay to allow the user to keep using this quirk if it is explicitly requested by passing +mapped
on the command line.
The somewhat more extreme version of this change would treat command lines in the likes of dig -6 @192.0.2.1
(or, correspondingly, dig -6 @::ffff:192.0.2.1
) as errors, i.e. we would completely remove the +[no]mapped
option, causing -6
to become a more strict limit.
Any thoughts on this are welcome.