>> The resolver library is trying to do IPv6 lookups.  (It doesn't
>> realize, at this point, that it can't do v6 connections, and indeed,
>> I'm not sure it should; it's perfectly reasonable to do a v6 address
>> lookup on a v4-only host.)  I'd be more inclined to address the
>> question of why they're going unanswered.  What DNS server are you
>> using?

> The DNS server on bummi is WinRoute 4.2, configured as a caching
> forwarder.  For some reasons there is at the moment no chance to
> switch over to another routing software (and OS...).

Then I don't see much chance to fix this, unless you're willing to
rebuild your NetBSD with AAAA lookups diked out.  (Insist on using
broken software and you can expect to see brokenness....)  Or, of
course...

> As a fix I'm now using the name server at my ISP instead the WinRoute
> forwarder.

...switch to using a different, non-broken, nameserver.  (If your
provider has a nameserver for its customers to use, why would you use
the WinRoute stuff as the NetBSD box's nameserver in the first place?)

> Its somewhat ticklish that all flavors of Windoze show no problems
> with WinRoutes forwarder.  As a test I booted a life-on-CD Linux
> (Knoppix), tcpdumped, voila, no problems, no AAAA queries.

Apparently your Linux, and probably Windows too, isn't (aren't)
IPv6-ready.  If NetBSD weren't, it wouldn't be trying to look up AAAA
records either.

> Would be nice if the NetBSD resolver showed some more robustness to
> the real world.

The varieties of brokenness out there are unlimited; we can't work
around them all, and it's no favor to anyone to try.  (Case in point:
now you know the WinRoute stuff is broken, which you (presumably)
didn't before.)

> How about the resolver DOES realize it cant do v6 lookups and stops
> fiddling around with AAAA requests?

How can it tell?  It can't tell a server that falls over in response to
AAAA queries from one that's just slow to respond, after all.  There
isn't any system-wide state that would allow processes to contribute
notes adding up to "this nameserver from resolv.conf hasn't answered
any of the 1800 AAAA queries sent to it, so avoid it, it's broken".
Even if there were, all that would result would be it would go to the
next nameserver anyway, presumably the one at your provider that you're
using now.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B