Nmap Development mailing list archives

Re: Ipv6 DNS error message


From: David Fifield <david () bamsoftware com>
Date: Fri, 6 Nov 2009 10:19:30 -0700

On Tue, Sep 29, 2009 at 02:55:41PM -0400, Paul Jenkins wrote:
> New to the list so I'm not sure if this has been discussed but here goes:
>
> While running various scans and comparing the output and functionality
> between the IPv4 and IPv6 scans I noted the insane difference in the
> amount of time it takes for the IPv6 scan to run on a Windows box.
> Example: for 20 IP addresses it would take in the neighborhood of an hour
> and a half for an Nmap default scan. While running through the -sP
> -PS(ports) options I was watching Wireshark, and noticed the scan was
> over quickly but there was still some chatter on the line. DNS requests,
> lots of them, to various v6 IPs on the same network. I do not have a
> DNS set up, it's not necessary for my application, the v4 scan quickly
> displays a "mass_dns:" error and merrily goes about its scan, IPv6 has
> no such error and leaves the operator waiting. Originally I thought
> maybe it was due to the IPv6 packets not being crafted in the Nmap
> program, but Linux blasts right through the scan with no qualms, which
> left me wondering why. Now with the -n switch scans are quick and
> painless.
>
> My question is why does v6 wait for DNS resolution for so long, where v4
> says no DNS, fine, so be it?

Thanks for your report. The reason is that Nmap has a built-in fast
parallel name resolver for IPv4 addresses, but no one has added support
for IPv6 addresses. IPv6 resolution is done by the operating system, and
its speed will probably vary on different systems.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

