After reading all the horror stories about trying to get RDNS to work, I was surprised to discover that I had passed the Professional level. Here's the situation.
I have BIND set up on my computer with a reverse zone file for "f.7.1.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa." which does correctly respond to:
dig -x 2001:470:1f11:17f::{1 or 2 because those are the only hosts in my routed /64 right now} @2001:470:1f11:17f;
with the hostname nujalik.awpgnt.com.
I have also filled in nujalik.dns6.org. as my RDNS delegation NS1 on tunnelbroker (don't even ask - I think i'm waiting for xname.org's changes to propagate).
Now, "dig -x 2001:470:1f11:17f::1" (without @2001:470:1f11:17f::1) does not work -- NXDOMAIN -- but apparently it does work for the cert test. Could it just be that tunnelbroker's changes haven't propagated yet, so only he.net can see the reverse delegation, or am i missing something?
FWIW, here's the output from a non-HE tunnel
[carl@mars ~]$ dig -x 2001:470:1f11:17f::1
; <<>> DiG 9.4.3-P2 <<>> -x 2001:470:1f11:17f::1
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 18954
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.7.1.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR
;; Query time: 2970 msec
;; SERVER: 2001:4978:1d8:e000:88cb:fe1b:c4b0:92a1#53(2001:4978:1d8:e000:88cb:fe1b:c4b0:92a1)
;; WHEN: Tue Jul 7 09:58:45 2009
;; MSG SIZE rcvd: 90
root@debi:/etc/asterisk# dig -x 2001:470:1f11:17f::2 +trace
; <<>> DiG 9.6.0b1 <<>> -x 2001:470:1f11:17f::2 +trace
;; global options: +cmd
. 490180 IN NS G.ROOT-SERVERS.NET.
. 490180 IN NS I.ROOT-SERVERS.NET.
. 490180 IN NS L.ROOT-SERVERS.NET.
. 490180 IN NS F.ROOT-SERVERS.NET.
. 490180 IN NS D.ROOT-SERVERS.NET.
. 490180 IN NS K.ROOT-SERVERS.NET.
. 490180 IN NS C.ROOT-SERVERS.NET.
. 490180 IN NS A.ROOT-SERVERS.NET.
. 490180 IN NS B.ROOT-SERVERS.NET.
. 490180 IN NS H.ROOT-SERVERS.NET.
. 490180 IN NS J.ROOT-SERVERS.NET.
. 490180 IN NS E.ROOT-SERVERS.NET.
. 490180 IN NS M.ROOT-SERVERS.NET.
;; Received 241 bytes from 127.0.0.1#53(127.0.0.1) in 17 ms
ip6.arpa. 172800 IN NS ns.icann.org.
ip6.arpa. 172800 IN NS ns2.lacnic.net.
ip6.arpa. 172800 IN NS sec1.apnic.net.
ip6.arpa. 172800 IN NS ns-sec.ripe.net.
ip6.arpa. 172800 IN NS tinnie.arin.net.
;; Received 221 bytes from 2001:7fd::1#53(K.ROOT-SERVERS.NET) in 57 ms
4.0.1.0.0.2.ip6.arpa. 84600 IN NS epazote.arin.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS ns-sec.ripe.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS indigo.arin.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS sec1.apnic.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS basil.arin.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS sec3.apnic.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS figwort.arin.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS ns2.lacnic.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS dill.arin.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS henna.arin.net.
4.0.1.0.0.2.ip6.arpa. 84600 IN NS chia.arin.net.
;; Received 468 bytes from 2001:500:13::c7d4:35#53(tinnie.arin.net) in 129 ms
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS ns1.he.net.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS ns3.he.net.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS ns4.he.net.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS ns2.he.net.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS ns5.he.net.
;; Received 186 bytes from 192.26.92.32#53(henna.arin.net) in 212 ms
f.7.1.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS nujalik.dns6.org.
;; Received 120 bytes from 2001:470:200::2#53(ns2.he.net) in 208 ms
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.7.1.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 3600 IN PTR visliber.awpgnt.com.
f.7.1.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 3600 IN NS nujalik.awpgnt.com.
;; Received 145 bytes from 2001:470:1f11:17f::1#53(nujalik.dns6.org) in 219 ms
root@debi:/etc/asterisk# host nujalik.awpgnt.com
Host nujalik.awpgnt.com not found: 3(NXDOMAIN)
That NS record might me the problem:
f.7.1.0.1.1.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 3600 IN NS nujalik.awpgnt.com.
This address doesn't reslolve to an ip.
yeah i set up awpgnt.com on xname.org yesterday and it hasn't changed anything yet. dig awpgnt.com returns NXDOMAIN and dig awpgnt.com @ns0.xname.org returns SERVFAIL. I've changed my ptr record for ...::1 to point to nujalik.dns6.org.
does anyone understand why it gets a PTR record properly when using +trace but shows no answer section otherwise?