Hurricane Electric's IPv6 Tunnel Broker Forums

Tunnelbroker.net Specific Topics => Questions & Answers => Topic started by: ndm on May 06, 2008, 02:17:23 PM

Title: /48 RDNS Delegation
Post by: ndm on May 06, 2008, 02:17:23 PM
Hi all

whats the status about that? I searched the news section and all that I could find was from February 27th, that he.net is implementig rdns for routed /48. Does this feature work yet?


Regards André
Title: Re: /48 RDNS Delegation
Post by: broquea on May 06, 2008, 02:37:05 PM
We delegate rDNS for the /64 and /48 to whatever nameservers you provide in the interface. This has been working for some time now, and was only unavailable for about 2-3 days after we allowed users to allocate a /48.

[EDIT] - The March 4th News item mentions /48 rDNS working
Title: Re: /48 RDNS Delegation
Post by: ndm on May 06, 2008, 02:39:12 PM
Ok. Thank you for the clarification.
Title: Re: /48 RDNS Delegation
Post by: ndm on May 07, 2008, 02:52:51 AM
How long does the delegation process take?

I got the xxx/48 Net and I setup dns zone on servers ns[1,2,3].xxx
When I directly ask the server f.e. for xxx I got an answer. But asking my upstreams or the he.net dns server I always get nxdomain. Have I done something wrong?

EDIT: Removed "vital" data
Title: Re: /48 RDNS Delegation
Post by: karlbrose on May 07, 2008, 10:22:27 AM
I checked the ns1/ns2/ns3.he.net recently on several occations and found that only ns1.he.net had the pointers for reverse DNS.
Seems the he.net servers are not synched up.
 
Title: Re: /48 RDNS Delegation
Post by: ndm on May 07, 2008, 11:25:00 AM
Well it works now... It seems I was too impatient...
Title: Re: /48 RDNS Delegation
Post by: karlbrose on May 07, 2008, 04:00:02 PM
Yes, the nameservers are now synched too, they weren't earlier in the day.
Title: Re: /48 RDNS Delegation
Post by: samh on May 07, 2008, 05:58:57 PM
It always amazes me how fast our users catch me :)  So whats going on on our side is that we have migrated all the tunnelbroker.net DNS over from ns1.ipv6 and ns2.ipv6 to the ns1 - 5 .he.net servers.  This give us better standardization and removes a few more of the legacy pieces of hardware from our system.

In order to do this we had to make changes with ARIN for our own delegation, and I think some of you may still be being referred to ns1.ipv6 etc for reverse DNS.  By tomorrow morning everything should be propagated up to the root's and at that point everyone should be going to ns1.he.net (Through ns5.he.net) for all their queries.

If you are still having any RDNS issues or don't see things working the way they are, drop me an email at ipv6@he.net and let me know so we can sort it out.
Title: Re: /48 RDNS Delegation
Post by: karlbrose on May 08, 2008, 06:40:20 AM
Thanks for the explanation regarding the transitioning, it's always good to know that small glitches like this are under control and not just flakyness, neglect, or worse.
I never actually experienced real failures of reverse resolution that I became aware of or couldn't trace to my own setup.
Title: Re: /48 RDNS Delegation
Post by: eonesixfour on May 17, 2008, 06:45:13 AM
It always amazes me how fast our users catch me :)

You had other expectations of early adopters? :)
Title: Re: /48 RDNS Delegation
Post by: samh on May 17, 2008, 10:27:24 AM

You had other expectations of early adopters? :)


Not really :)  Its a good amazed though, im glad to see so many people who care about things like Reverse DNS.  Having spent the last 15 years explaining to people in v4 who dont care about why we should all have working forward and reverse, its a breath of fresh air to be caught whenever I break it for our tunnelbroker :).

Also I will use this opportunity, we have automated all of our IPv6 reverse dns across the network , if you see any traceroutes that cross HE's network with broken rdns for one of our links please let me know.
Title: Re: /48 RDNS Delegation
Post by: ndm on May 28, 2008, 07:29:00 AM
Well it's me again.

It seems that not all he DNS Servers are synched

ns1 and ns2 report my dns server ns3-5 don't.

Prefix: 2001:470:d03f::/48
Title: Re: /48 RDNS Delegation
Post by: karlbrose on May 28, 2008, 08:07:10 AM
I sent an e-mail to ivp6@he.net earlier.   The problems seem actually deeper. Subdomains are delegated (if at all) on wrong octet boundaries.
Title: Re: /48 RDNS Delegation
Post by: samh on May 28, 2008, 11:25:36 AM
Everything in the IPv6 RDNS world here should be settling in now, if you see your allocation on ns1-3 and not on 4-5 or the other way around give it until tommorow morning to sort out in the dns server farms and then if you are still having a problem drop an email to ipv6@he.net (A much better resource for troubleshooting actual problems).

If you have put in your entries and dont have anything RDNS wise try removing the entries and resubmitting them.  If after that you still dont have entries email me at ipv6@he.net
Title: Re: /48 RDNS Delegation
Post by: imcensored on May 28, 2008, 06:08:07 PM
i have a somewhat related question...

my Subnet(routed/64) is ****:***:1f07:***::/64
while my ip is ****:***:1f06:***::2/64 (with the *** being the same characters in both)

Is it supposed to be one number off???

I am able to access the tunnel from my Ubuntu machine.  I can log in to ipv6.freenode.net IRC and see either the full ipv6 Ip or the imcensored.......he.net name.

I am using freedns.afraid.org for the rDNS.  if i add the subnet with the "1f07", it doesn't let me modify any of the first four "octets?" when i try to set the IP.  If i use the "1f06", i can set the IP, but i get a "BROKEN" error. http://dark-code.bulix.org/hxtuym-66611?raw (output in a paste-bin).

I'm lost at this point.  Which end did i screw up on? Over here or over there at freedns?

This is what i am trying to do....

I own the domain "speedlinemotorsports.org" ... i have pointed the subdomain "z.speedlinemotorsports.org" to my Ubuntu box (IPv4), as soon as either xname.org comes back up, or if i find another DNS that supports IPv6, i will be pointing it to the IPv6 address as well.  So i'd like the rDNS to be z.speedlinemotorsports.org.
Title: Re: /48 RDNS Delegation
Post by: samh on May 28, 2008, 06:18:35 PM
RDNS for the point to point (1f06) /64 is not delegated to the users.  These entries are maintained by the Tunnel Broker Platform for management reasons.

The 1f07 /64 is delegated to you and routed to the ::2 side of your 1f06/64. 

The 1F06 /64 is the rough equivilant of a /30 in IPv4 for defining a point to point connection.  (We used to use /127's, there are even some who still have /127's for PTP's)

Depending on your OS setting up an IP from the routed /64 on your tunnel endpoint and getting routing working is most likely trivial.  (And a 1F07 /64 would have reverse delegated to whoever you setup which would solve your problem).

Sam


i have a somewhat related question...

my Subnet(routed/64) is ****:***:1f07:***::/64
while my ip is ****:***:1f06:***::2/64 (with the *** being the same characters in both)

Is it supposed to be one number off???

I am able to access the tunnel from my Ubuntu machine.  I can log in to ipv6.freenode.net IRC and see either the full ipv6 Ip or the imcensored.......he.net name.

I am using freedns.afraid.org for the rDNS.  if i add the subnet with the "1f07", it doesn't let me modify any of the first four "octets?" when i try to set the IP.  If i use the "1f06", i can set the IP, but i get a "BROKEN" error. http://dark-code.bulix.org/hxtuym-66611?raw (output in a paste-bin).

I'm lost at this point.  Which end did i screw up on? Over here or over there at freedns?

This is what i am trying to do....

I own the domain "speedlinemotorsports.org" ... i have pointed the subdomain "z.speedlinemotorsports.org" to my Ubuntu box (IPv4), as soon as either xname.org comes back up, or if i find another DNS that supports IPv6, i will be pointing it to the IPv6 address as well.  So i'd like the rDNS to be z.speedlinemotorsports.org.
Title: Re: /48 RDNS Delegation
Post by: imcensored on May 29, 2008, 12:42:52 AM
I figured it out... Thanks!
Title: Re: /48 RDNS Delegation
Post by: amadeus on April 15, 2009, 03:27:47 PM
Hi, I have problems with RDNS too. I filled in the IP of my DNS server 3 times into the RDNS form on the HE website 2 days ago.
My DNS server has the IP address 87.98.178.54 (ns.freehop.mooo.com) so the output looks like the following:

$ dig -x 2001:470:9949:5001:: @ns.freehop.mooo.com +short
amadeus.routers.freehop.mooo.com.

But asking just another nameserver shows that the prefix points still to HE:

$ dig -x 2001:470:9949:5001:: @141.55.192.50
;; QUESTION SECTION:
;0.3.5.f.0.6.e.f.f.f.a.e.6.1.2.0.1.0.0.4.9.4.9.9.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR

;; AUTHORITY SECTION:
9.0.7.4.0.1.0.0.2.ip6.arpa. 86400 IN   SOA   ns1.he.net. hostmaster.he.net. 2009041400 10800 1800 604800 86400

Can you tell me what is going wrong there?
Title: Re: /48 RDNS Delegation
Post by: broquea on April 15, 2009, 03:31:37 PM
We're working on why the updates aren't getting pushed out.
If you emailed ipv6@he.net, we'll email you when it is resolved.
Title: Re: /48 RDNS Delegation
Post by: tsarna on April 15, 2009, 04:21:54 PM
I saw the serials got updated yesterday but still doesn't contain the updates. I'm sure you realize this, I just wanted to say thanks for working on it. And, thanks for providing the tunnelbroker service! It's helping advance v6 deployment in more ways than you probably realize.

Happy tunnelbrker user since '03 (according to my tunnelbroker account. Holy &!%$... 2003!?! Man am I ahead of the curve 8) )
Title: Re: /48 RDNS Delegation
Post by: broquea on April 15, 2009, 08:34:36 PM
Please retest, also for anyone that didn't email, try updating your delegated nameservers.
Title: Re: /48 RDNS Delegation
Post by: tsarna on April 16, 2009, 04:17:08 PM
Working for me now. Thanks again!
Title: Re: /48 RDNS Delegation
Post by: amadeus on April 18, 2009, 04:10:25 AM
Glad to see it's working now, thanks a lot.