-
Problem report
-
Resolution: Unresolved
-
Trivial
-
None
-
7.4.5
-
None
-
Debian GNU/Linux 12 (bookworm) on AWS EC2
What happens
Sometime the agent2 stops responding with the following mysterious message (the real domain suffix is obfuscated):
2025/11/13 08:35:48.865430 connection from "172.31.35.247" rejected, allowed hosts: "i-zabbix7.MYDOMAIN" 2025/11/13 08:35:50.007670 [101] cannot connect to [i-zabbix7.MYDOMAIN:10051]: dial tcp: lookup i-zabbix7.MYDOMAIN on [::1]:53: read udp [::1]:58133->[::1]:53: read: connection refused 2025/11/13 08:35:50.007709 [101] sending of heartbeat message for [dev-redis.MYDOMAIN] started to fail 2025/11/13 08:36:05.007816 [101] cannot connect to [i-zabbix7.MYDOMAIN:10051]: dial tcp: lookup i-zabbix7.MYDOMAIN on [::1]:53: read udp [::1]:35240->[::1]:53: read: connection refused 2025/11/13 08:36:05.007871 [101] active check configuration update from host [dev-redis.MYDOMAIN] started to fail
I call this message mysterious because:
- it is clear that the agent cannot resolve the name of the zabbix server "i-zabbix7.MYDOMAIN".
- It is trying to resolve the "i-zabbix7.MYDOMAIN" via a local IPv6 resolver on [::1]:53 while there is no such resolver configured.
My /etc/resolv.conf is as follows:
domain us-west-2.compute.internal search us-west-2.compute.internal nameserver 172.31.0.2
Steps to reproduce:
I have no reliable way to reproduce it. It happens only occasionally and sometimes fixes itself after several minutes.
Expected:
The agent should never use a DNS resolver which is not configured in /etc/resolv.conf. Or should it? Then why IPv6? This is the AI opinion on the matter: https://gemini.google.com/share/80f52ef998c6