So there is http://faq.he.net/index.php/Reverse_DNS
In that FAQ there is an example for IPv6
QuoteSo, for example, if you had the following netblock:
2001:db8:d3a9:e37::/64
your rDNS zone is named:
0.7.3.e.0.9.a.3.d.8.b.d.0.1.0.0.2.ip6.arpa.
In my eyes this is working but not correct.
Why should the rDNS zone be
0.7.3.e.0.9.a.3.d.8.b.d.0.1.0.0.2.ip6.arpa.?
The leading zero(dot) is surplus in the example.
Which brings me to the real question. :-) My rDNS setting seem to be ignored.
I have the netblock 2001:470:1f0b:1223::/64 and set rDNS in the web interface to my 2 DNS servers ns1.fo0bar.org and ns2.fo0bar.org
These two servers answer just fine if asked directly but there seems to be no delegation active as he.net DNS servers are getting queried if asked otherwise (e.g. for 2001:470:1f0b:1223::1).
Is there anything that can be done?
Is that range your routed /64 or your tunnel /64?
of course its the routed /64 ;) 1f0a is the transfer /64 and I know that this does not allow rDNS.
created a 2nd tunnel just for testing, and rDNS settings get applied right away and work flawlessly. just the 1st tunnel ignores rDNS entries.
guess I could simply reconfigure machines and reset glue records use the new tunnel and forget about the old one.
Or, you know, email ipv6@he.net to open a trouble ticket, and have someone look into the problem :)
Were you able to get this fixed? I have experienced similar issues with rDNS delegation for IPv6 block.
I can see yours is still delegated to HE's DNS servers.
anurag@server7:~$ dig -x 2001:470:1f0b:1223::7 +trace
; <<>> DiG 9.7.1-P2 <<>> -x 2001:470:1f0b:1223::7 +trace
;; global options: +cmd
. 40951 IN NS d.root-servers.net.
. 40951 IN NS j.root-servers.net.
. 40951 IN NS h.root-servers.net.
. 40951 IN NS g.root-servers.net.
. 40951 IN NS k.root-servers.net.
. 40951 IN NS b.root-servers.net.
. 40951 IN NS c.root-servers.net.
. 40951 IN NS i.root-servers.net.
. 40951 IN NS m.root-servers.net.
. 40951 IN NS e.root-servers.net.
. 40951 IN NS l.root-servers.net.
. 40951 IN NS a.root-servers.net.
. 40951 IN NS f.root-servers.net.
;; Received 228 bytes from 8.8.4.4#53(8.8.4.4) in 20 ms
ip6.arpa. 172800 IN NS f.ip6-servers.arpa.
ip6.arpa. 172800 IN NS c.ip6-servers.arpa.
ip6.arpa. 172800 IN NS a.ip6-servers.arpa.
ip6.arpa. 172800 IN NS e.ip6-servers.arpa.
ip6.arpa. 172800 IN NS b.ip6-servers.arpa.
ip6.arpa. 172800 IN NS d.ip6-servers.arpa.
;; Received 462 bytes from 2001:500:2d::d#53(d.root-servers.net) in 111 ms
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS NS4.HE.NET.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS NS5.HE.NET.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS NS3.HE.NET.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS NS2.HE.NET.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN NS NS1.HE.NET.
;; Received 186 bytes from 2001:dc0:2001:a:4608::59#53(e.ip6-servers.arpa) in 340 ms
3.2.2.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 86400 IN SOA ns1.he.net. hostmaster.he.net. 2011070808 10800 1800 604800 86400
;; Received 147 bytes from 2001:470:400::2#53(NS4.HE.NET) in 110 ms
Though as you said, I can see SOA is there.
anurag@server7:~$ dig -x 2001:470:1f0b:1223::7 @ns1.fo0bar.org
; <<>> DiG 9.7.1-P2 <<>> -x 2001:470:1f0b:1223::7 @ns1.fo0bar.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17230
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.2.2.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR
;; AUTHORITY SECTION:
3.2.2.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN SOA ns1.fo0bar.org. hostmaster.fo0bar.org. 2011122201 7200 900 1209600 10800
;; Query time: 35 msec
;; SERVER: 2001:470:1f0b:a2::2#53(2001:470:1f0b:a2::2)
;; WHEN: Fri Dec 30 12:45:43 2011
;; MSG SIZE rcvd: 151