net: defaultNS contains ipv6 address

[shyamsundar87]

Go version

go version go1.23.0

Output of go env in your module/workspace:

GO111MODULE='on'
GOARCH='amd64'
GOBIN=''
GOCACHE='/home/User/.cache/go-build'
GOENV='/home/User/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOOS='linux'

What did you do?

As following file :
https://github.com/golang/go/blob/master/src/net/dnsconfig.go
has :

//go:linkname defaultNS
var defaultNS = []string{"127.0.0.1:53", "[::1]:53"}

It by-default assumes to listen for IPv6 addresses without properly sanitizing if at all IPv6 is enabled through-out in the system.
This causes lots of bottlenecks in wide varieties of other programs that depends on Golang's infrastructure.

What did you see happen?

It by-default assumes to listen for IPv6 addresses without properly sanitizing if at all IPv6 is enabled through-out in the system.
This causes lots of bottlenecks in wide varieties of other programs that depends on Golang's infrastructure.

What did you expect to see?

Better design would be to check if ipv6 is enabled system-wide and then really use

var defaultNS = []string{"127.0.0.1:53", "[::1]:53"}

if not fallback to

var defaultNS = []string{"127.0.0.1:53"}

[seankhliao]

please show a real problem of probing for a dns server on localhost over ipv6

[gabyhelp]

Related Issues

• net: net.ListenUDP() only binds to IPv4 when 127.0.0.1 is not present #61310
• net: IPv6 lookup fails when IPv4 hosts entry is present #20327

_{(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)}

[mateusz834]

Also please note that this is just a fallback, in most case it is not going to be used, it is overwritten by /etc/resolv.conf nameservers.

[shyamsundar87]

please show a real problem of probing for a dns server on localhost over ipv6

Following error appears when some CI-CD builds fails [when docker pulls fail because of this]:

[::1]:53: dial udp [::1]:53: socket: address family not supported by protocol

These uses golang under the hood
First of all why might you need such errors?
Whats the purpose of listening for IPv6 if :

ip -6 addr   #shows nothing

[mateusz834]

@shyamsundar87 can you try with GODEBUG=netdns=cgo+2 and report whether it helps? Looking at the glibc source, it seems like it defaults to 127.0.0.1.

[shyamsundar87]

@shyamsundar87 can you try with GODEBUG=netdns=cgo+2 and report whether it helps? Looking at the glibc source, it seems like it defaults to 127.0.0.1.

I saw following code somewhere :

$ GODEBUG=netdns=cgo+2 go run main.go
go package net: confVal.netCgo = true  netGo = false
go package net: using cgo DNS resolver

Im very new to golang.
Why would you want me to use golang's DNS resolver when people mostly keep using their own resolvers system-wide?
What might the problem be to sanitize for IPv6 check whether its linux/mac/windows accordingly, and shape your code to listen for it?
By this fix [suggestion], you're indirectly forcing the user to use IPv6 even if they dont want to.

Also please note that this is just a fallback, in most case it is not going to be used, it is overwritten by /etc/resolv.conf nameservers.

Some users could've unlinked the file when they're using some other resolvers.

[seankhliao]

it sounds to me that this isn't a real issue. as mentioned above, this is a fallback that we try when other resolvers aren't configured (and these defaults won't work in docker anyway because there isn't a local dns client). if you've broken dns resolution in the environment, you have bigger issues.

Unlike many projects, the Go project does not use GitHub Issues for general discussion or asking questions. GitHub Issues are used for tracking bugs and proposals only.

For questions please refer to https://github.com/golang/go/wiki/Questions

[shyamsundar87]

it sounds to me that this isn't a real issue. as mentioned above, this is a fallback that we try when other resolvers aren't configured (and these defaults won't work in docker anyway because there isn't a local dns client). if you've broken dns resolution in the environment, you have bigger issues.

Unlike many projects, the Go project does not use GitHub Issues for general discussion or asking questions. GitHub Issues are used for tracking bugs and proposals only.

For questions please refer to https://github.com/golang/go/wiki/Questions

I dont really see this fixing the root stuff. First of all this really takes away the user's freedom to choosing their own IP stack for whatever TCP/UDP they use for networking.
I see this as simply enabling IPv6 even if anyone doesnt need it.
First of all if at all I've broke DNS in env, it might've been impossible for me to comment here now. [provided if Im unable to find nearest Github's nameservers manually]