Question about why the AAAA NS Record test in the certification may be failing.
I've got at least one NS record which has an IPv6 nameserver. This is reflected both on a.gtld-servers.net and on the auth NS (in this case, v6ns.randallman.net.)
Please see digs below.
(a.gtld-servers.net)root@bedroom:/etc/network# dig @a.gtld-servers.net randallman.net ns
; <<>> DiG 9.4.2-P2.1 <<>> @a.gtld-servers.net randallman.net ns
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56927
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;randallman.net. IN NS
;; AUTHORITY SECTION:
randallman.net. 172800 IN NS ns1.mydyndns.org.
randallman.net. 172800 IN NS ns2.mydyndns.org.
randallman.net. 172800 IN NS ns3.mydyndns.org.
randallman.net. 172800 IN NS ns4.mydyndns.org.
randallman.net. 172800 IN NS ns5.mydyndns.org.
randallman.net. 172800 IN NS v6ns.randallman.net.
;; ADDITIONAL SECTION:
v6ns.randallman.net. 172800 IN AAAA 2607:f590:f2::2
;; Query time: 25 msec
;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30)
;; WHEN: Sat Apr 3 18:48:34 2010
;; MSG SIZE rcvd: 181
And v6ns.randallman.net:
root@bedroom:/etc/network# dig @v6ns.randallman.net randallman.net ns
; <<>> DiG 9.4.2-P2.1 <<>> @v6ns.randallman.net randallman.net ns
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15805
;; flags: qr aa rd; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;randallman.net. IN NS
;; ANSWER SECTION:
randallman.net. 600 IN NS v6ns.randallman.net.
randallman.net. 600 IN NS ns4.mydyndns.org.
randallman.net. 600 IN NS ns2.mydyndns.org.
randallman.net. 600 IN NS ns1.mydyndns.org.
randallman.net. 600 IN NS ns3.mydyndns.org.
randallman.net. 600 IN NS ns5.mydyndns.org.
;; ADDITIONAL SECTION:
v6ns.randallman.net. 600 IN AAAA 2607:f590:f2::2
;; Query time: 44 msec
;; SERVER: 2607:f590:f2::2#53(2607:f590:f2::2)
;; WHEN: Sat Apr 3 18:49:06 2010
;; MSG SIZE rcvd: 181
If this is the sage test, it wants a v6 glue AAAA record at your parent domain (e.g. host record).
If it's just looking for the existence of NS record in your list of NS records which references a NS with a AAAA, then it should work.
Sometimes the HE server gets a negative cache entry too, so you might have to wait that out.
The Negative TTL was the key.
Got through and passed through to sage. Considering writing a quick script to run for the next 99 days to get me the 1400 :)
Thanks for the assistance.
--Randall
Quote from: jimb on April 03, 2010, 04:32:11 PM
If this is the sage test, it wants a v6 glue AAAA record at your parent domain (e.g. host record).
If it's just looking for the existence of NS record in your list of NS records which references a NS with a AAAA, then it should work.
Sometimes the HE server gets a negative cache entry too, so you might have to wait that out.
Well, good luck with sage. I'm not sure if dyndns.org supports v6 glue records. Although you could add another NS out of baliwick which has a AAAA glue record and I think the test will pass.
EDIT: oh never mind, I saw u passed. I guess they do support IPv6 glue (just did a dig and saw that they do).
Also, the daily tests are kind of picky, so be careful with your script. Can't use the same IPv6 server twice, and sometimes the script refuses to parse whois and ping output correctly for no apparent reason. :P
They are beta testing general deployment options for v6. I asked if they had a timeline for general deployment, but they did not have anything at this time.
I myself work for a registrar (corporate, not retail) and we can do ip6.arpa via slaving and AAAAs as well, but our frontend UI still has yet to support AAAA at all...
Quote from: jimb on April 03, 2010, 07:35:26 PM
Well, good luck with sage. I'm not sure if dyndns.org supports v6 glue records. Although you could add another NS out of baliwick which has a AAAA glue record and I think the test will pass.
EDIT: oh never mind, I saw u passed. I guess they do support IPv6 glue (just did a dig and saw that they do).
Also, the daily tests are kind of picky, so be careful with your script. Can't use the same IPv6 server twice, and sometimes the script refuses to parse whois and ping output correctly for no apparent reason. :P