diff --git a/CHANGES b/CHANGES
index 910321247f..98465b94d7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,10 @@
 
+2.5-345 | 2017-11-20 11:28:59 -0600
+
+  * BIT-1827: fix error on initializing DNS w/ IPv6 nameserver. (Corelight)
+
+  * Add --build-type flag to configure wrapper. (Corelight)
+
 2.5-343 | 2017-11-17 15:27:04 -0800
 
   * Fix ASCII logging of very large values of type "double".
diff --git a/VERSION b/VERSION
index 26514725b5..13eaeb1e39 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.5-343
+2.5-345
diff --git a/src/nb_dns.c b/src/nb_dns.c
index 35059ab4f0..f239b4d401 100644
--- a/src/nb_dns.c
+++ b/src/nb_dns.c
@@ -131,27 +131,40 @@ nb_dns_init(char *errstr)
 		free(nd);
 		return (NULL);
 	}
-	nd->s = socket(PF_INET, SOCK_DGRAM, 0);
-	if (nd->s < 0) {
-		snprintf(errstr, NB_DNS_ERRSIZE, "socket(): %s",
-		    my_strerror(errno));
-		free(nd);
-		return (NULL);
-	}
 
-	/* XXX should use resolver config */
-	nd->server = _res.nsaddr_list[0];
+	for ( int i = 0; i < _res.nscount; ++i )
+		{
+		nd->server = _res.nsaddr_list[i];
 
-	if (connect(nd->s, (struct sockaddr *)&nd->server,
-	    sizeof(struct sockaddr)) < 0) {
-		snprintf(errstr, NB_DNS_ERRSIZE, "connect(%s): %s",
-		    inet_ntoa(nd->server.sin_addr), my_strerror(errno));
-		close(nd->s);
-		free(nd);
-		return (NULL);
-	}
+		/* XXX support IPv6 */
+		if ( nd->server.sin_family != AF_INET )
+			continue;
 
-	return (nd);
+		nd->s = socket(nd->server.sin_family, SOCK_DGRAM, 0);
+
+		if ( nd->s < 0 )
+			{
+			snprintf(errstr, NB_DNS_ERRSIZE, "socket(): %s",
+			         my_strerror(errno));
+			free(nd);
+			return (NULL);
+			}
+
+		if ( connect(nd->s, (struct sockaddr *)&nd->server,
+		             sizeof(struct sockaddr)) < 0 )
+			{
+			snprintf(errstr, NB_DNS_ERRSIZE, "connect(%s): %s",
+			         inet_ntoa(nd->server.sin_addr), my_strerror(errno));
+			close(nd->s);
+			free(nd);
+			return (NULL);
+			}
+
+		return (nd);
+		}
+
+	snprintf(errstr, NB_DNS_ERRSIZE, "no valid nameservers in resolver config");
+	return (NULL);
 }
 
 void