This is a clone of issue RHEL-87200 to use for version rhel-9.7
–
Original description:
This is a downstream clone of https://github.com/SSSD/sssd/issues/3057

Please provide the package NVR for which the bug is seen:

sssd-2.9.5-4

How reproducible is this bug?:

always

Description (quoting from the upstream issue):

I recently started cutting IPv4 access to a bunch of VMs on my network as they no longer required it to function, resulting in those only having IPv6 connectivity.

I had previously confirmed that sssd was indeed properly connecting to my samba4 servers over IPv6 and so expected the switch to go seamlessly, but it didn't.

As far as I can tell, the problem is that SSSD properly finds the two samba4 servers from the SRV records, then queries for A record from the DNS server, which sure enough returns both IPv4 addresses, it then attempts to contact those and fails (Network is unreachable). Instead of then doing a AAAA query and using it, sssd appears to just give up.

I see two problems there:

• SSSD should have favored IPv6 to start with (to match the libc's behaviour)
• SSSD shouldn't fail to connect completely when getting "Network is unreachable", instead it should try the next protocol and try that

In a perfect world, I'd have expected SSSD to first query for AAAA (or just use getaddrinfo?), try to connect to those addresses and in case of failure, fallback to IPv4.