Hurricane Electric's IPv6 Tunnel Broker Forums

Tunnelbroker.net Specific Topics => Questions & Answers => Topic started by: snarked on July 22, 2008, 05:24:57 PM

Title: Reverse DNS for recently added tunnel servers....
Post by: snarked on July 22, 2008, 05:24:57 PM

Still waiting for reverse DNS lookups to work.  Currently, ns*.he.net return NXDOMAIN answers for at least the Los Angeles tunnel address range ("2001:470:d::/48").  Also no tunnel latency stats yet for LA, Seattle, and Miami (yet 25 tunnels allocated as 15, 5, and 5 respectively).

Title: Re: Reverse DNS for recently added tunnel servers....
Post by: broquea on July 22, 2008, 05:43:07 PM

Give rDNS about 10-15 minutes then please retest.

Title: Re: Reverse DNS for recently added tunnel servers....
Post by: snarked on July 23, 2008, 02:20:40 PM

Thank you.  It seems to be working.  However, one question:

The "minimum TTL" (used for NXDOMAIN answers) for "D.0.0.0.0.7.4.0.1.0.0.2.IP6.ARPA" is set to 1 day - compared to a zone refresh value of 3 hours.  Isn't the minimum field a little high considering that as a tunnel endoint, it will have frequent updates as people add tunnels, especially for the newer tunnels?

Title: Re: Reverse DNS for recently added tunnel servers....
Post by: guitars on July 27, 2008, 10:58:02 AM

I have 2 questions...

1: When I add a tunnel...

Quote from: tunnelbroker

Claim Code:    No Code Available
   Server IPv4 address:    216.66.80.30
   Server IPv6 address:    2001:0470:1f0a:6f2::1/64
   Client IPv4 address:    189.25.??.?
   Client IPv6 address:    2001:0470:1f0a:6f2::2/64
   Routed /48:    Allocate
   Routed /64:    2001:0470:1f0b:6f2::/64
   RDNS Delegation NS1:    ns1.afraid.org
   RDNS Delegation NS2:    ns2.afraid.org
   RDNS Delegation NS3:    ns3.afraid.org

Is sure the IPv6 address is different of Routed /64?
Even that I rebuild the tunnel it ever is different

2: when I set the IPv6 reverse on afraid, it not work and get a broken error..
my set:...

Quote from: afraid

BROKEN : 07/27/2008 : Details
2001:0470:1f0a:6f2::/64   add record | delete subnet
2001:0470:1f0a:06f2:0000:0000:0000:0002   guitars.musicality.t28.net   remove

The content of BROKEN:

Quote from: afraid

Last authority check trace results for IPv6 Subnet : 2001:0470:1f0a:6f2::/64

First found broken (0 days ago) at : 2008-07-27 02:00:10

Details:

2008-07-27 02:00:02

Broken : 1
Host 2.f.6.0.a.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa not found: 3(NXDOMAIN)

0.62 seconds elapsed.

Broken : 1
Host 2.f.6.0.a.0.f.1.0.7.4.0.1.0.0.2.ip6.int not found: 3(NXDOMAIN)

2.52 seconds elapsed.

Broken : 1
Tracing to 2.f.6.0.a.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa[a] via A.ROOT-SERVERS.NET, maximum of 1 retries
A.ROOT-SERVERS.NET [.] (198.41.0.4)
 |\___ SEC1.APNIC.NET [ip6.arpa] (202.12.29.59)
 |     |\___ ns5.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.66.80.18)
 |     |\___ ns5.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0500:0000:0000:0000:0000:0002) Not queried
 |     |\___ ns4.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.66.1.2)
 |     |\___ ns4.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0400:0000:0000:0000:0000:0002) Not queried
 |     |\___ ns3.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.132.2)
 |     |\___ ns3.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0300:0000:0000:0000:0000:0002) Not queried
 |     |\___ ns2.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.131.2)
 |     |\___ ns2.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0200:0000:0000:0000:0000:0002) Not queried
 |      \___ ns1.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.130.2)
 |\___ SEC1.APNIC.NET [ip6.arpa] (2001:0dc0:2001:000a:4608:0000:0000:0059) Not queried
 |\___ NS.LACNIC.NET [ip6.arpa] (200.160.0.7)
 |     |\___ ns3.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.132.2)
 |     |\___ ns3.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0300:0000:0000:0000:0000:0002) Not queried
 |     |\___ ns1.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.130.2)
 |     |\___ ns4.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.66.1.2)
 |     |\___ ns4.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0400:0000:0000:0000:0000:0002) Not queried
 |     |\___ ns2.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.131.2)
 |     |\___ ns2.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0200:0000:0000:0000:0000:0002) Not queried
 |      \___ ns5.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.66.80.18)
 |      \___ ns5.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0500:0000:0000:0000:0000:0002) Not queried
 |\___ NS.LACNIC.NET [ip6.arpa] (2001:12ff:0000:0000:0000:0000:0000:0007) Not queried
 |\___ NS.ICANN.ORG [ip6.arpa] (192.0.34.126)
 |     |\___ ns-sec.ripe.net [4.0.1.0.0.2.ip6.arpa] (2001:0610:0240:0000:0053:0000:0000:0004) Not queried
 |     |\___ ns-sec.ripe.net [4.0.1.0.0.2.ip6.arpa] (193.0.0.196)
 |     |     |\___ ns4.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.66.1.2)
 |     |     |\___ ns4.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0400:0000:0000:0000:0000:0002) Not queried
 |     |     |\___ ns5.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.66.80.18)
 |     |     |\___ ns5.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0500:0000:0000:0000:0000:0002) Not queried
 |     |     |\___ ns3.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.132.2)
 |     |     |\___ ns3.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0300:0000:0000:0000:0000:0002) Not queried
 |     |     |\___ ns2.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.131.2)
 |     |     |\___ ns2.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0200:0000:0000:0000:0000:0002) Not queried
 |     |      \___ ns1.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.130.2)
 |     |\___ indigo.arin.net [4.0.1.0.0.2.ip6.arpa] (192.31.80.32)
 |     |     |\___ ns2.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.131.2)
 |     |     |\___ ns2.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (2001:0470:0200:0000:0000:0000:0000:0002) Not queried
 |     |     |\___ ns1.he.net [0.7.4.0.1.0.0.2.ip6.arpa] (216.218.130.2)

Could not find ns1.afraid.org... giving up.

4.29 seconds elapsed.


Broken : 1
Tracing to 2.f.6.0.a.0.f.1.0.7.4.0.1.0.0.2.ip6.int[a] via A.ROOT-SERVERS.NET, maximum of 1 retries
A.ROOT-SERVERS.NET [.] (198.41.0.4)
 |\___ NS.ICANN.ORG [int] (192.0.34.126)
 |\___ NS.UU.NET [int] (137.39.1.3)
 |\___ NS-SEC.RIPE.NET [int] (2001:0610:0240:0000:0053:0000:0000:0004) Not queried
 |\___ NS-SEC.RIPE.NET [int] (193.0.0.196)
 |\___ NS1.CS.UCL.AC.UK [int] (128.16.5.32)
 |\___ NS0.JA.NET [int] (2001:0630:0000:0008:0000:0000:0000:0014) Not queried
 |\___ NS0.JA.NET [int] (2001:0630:0000:0009:0000:0000:0000:0014) Not queried
 |\___ NS0.JA.NET [int] (128.86.1.20)
  \___ NS0.JA.NET [int] (193.63.94.20)


 seconds elapsed.




Seems to be really broken, and not currently marked as broken.

What it may be?

Title: Re: Reverse DNS for recently added tunnel servers....
Post by: avongauss on July 27, 2008, 11:39:21 AM

You're trying to set up rDNS on the transit 1f0a prefix rather than the routed 1f0b prefix.  On the afraid.org web site, you want to use the routed /64 which is 2001:0470:1f0b:6f2 and set your computers to use addresses from the 2001:0470:1f0b prefix where rDNS is a concern. 

Title: Re: Reverse DNS for recently added tunnel servers....
Post by: guitars on July 30, 2008, 09:23:27 AM

both the two is broken..

Quote from: afraid

BROKEN : 07/30/2008 : Details
2001:470:1f0a:6f2::/64    add record | delete subnet
2001:0470:1f0a:06f2:0000:0000:0000:0002   guitars.musicality.t28.net   remove
BROKEN : 07/30/2008 : Details
2001:470:1f0b:6f2::/64            add record | delete subnet
2001:0470:1f0b:06f2:0000:0000:0000:0002   rt.guitars.t28.net   remove
Add IPv6 Subnet

or I am doing wrong..

Title: Re: Reverse DNS for recently added tunnel servers....
Post by: tufinhas on July 30, 2008, 09:36:35 AM

on tunnelbroker page try remove
and add again afraid servers

Title: Re: Reverse DNS for recently added tunnel servers....
Post by: guitars on July 31, 2008, 11:01:43 AM

I tried and never work..

Title: Re: Reverse DNS for recently added tunnel servers....
Post by: tufinhas on July 31, 2008, 01:16:42 PM

2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS ns3.afraid.org.
2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS ns1.afraid.org.
2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS ns2.afraid.org.
;; Received 122 bytes from 216.218.130.2#53(ns1.he.net) in 203 ms

D:\Bind>host 2001:0470:1f0b:06f2:0000:0000:0000:0002
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa domain name pointer rt.guitars.t28.net.

it's ok.

Code: [Select]

D:\Bind>dig ANY -x 2001:0470:1f0b:06f2:0000:0000:0000:0002 @10.0.0.33

; <<>> DiG 9.5.0 <<>> ANY -x 2001:0470:1f0b:06f2:0000:0000:0000:0002 @10.0.0.33
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 973
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 3

;; QUESTION SECTION:
;2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. IN ANY

;; ANSWER SECTION:
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 12 IN PTR rt.guitars.t28.net.

;; AUTHORITY SECTION:
2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 12 IN NS ns4.afraid.org.
2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 12 IN NS ns1.afraid.org.
2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 12 IN NS ns2.afraid.org.
2.f.6.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 12 IN NS ns3.afraid.org.

;; ADDITIONAL SECTION:
ns2.afraid.org.         86045   IN      A       66.252.1.255
ns3.afraid.org.         86045   IN      A       72.20.25.134
ns4.afraid.org.         86045   IN      A       67.18.179.15

;; Query time: 46 msec
;; SERVER: 10.0.0.33#53(10.0.0.33)
;; WHEN: Thu Jul 31 21:22:29 2008
;; MSG SIZE  rcvd: 252


Title: Re: Reverse DNS for recently added tunnel servers....
Post by: guitars on July 31, 2008, 06:55:10 PM

ahhh, its work... I tried vhost in 1f0a, but I can't... now I understand... thanks a lot.