What did I mean?  You can’t delegate an EMPTY zone.

Pretty sure Protocol 41 is being passed as I need to supply my local IP to the tunnel and using my public IP does not work. I don't know anything about DNAT, and can't find anything with Google, can you explain more?

I believe this is true - they do these automated checks. But as far as I remember they will help you out over email in justified cases (and I believe that's one of them).

Did you set your Draytek router forwarding - to DNAT and forward protocol 41 to your Linux box? Your OUTGOING traffic MAY be matched by connection tracking - hence you can see the responses. It WILL NOT work most of the times for your incoming traffic.

Did you create the zone data first (SOA and NS records) and load it?

What do you mean by that?
I used the „Zone Functions->Add a new reverse“ there I filled in my assigned block and hit the „Add prefix!“ button. For a few days is complained that there is no delegation to nsX.he.net but it (the warning) cleared itself. When I try to dump Raw zone, I get this:

Code: [Select]

Raw AXFR output -- Changes made this session will not appear in the dump below. This is not in real time.

; x.x.x.x.x.x.x.x.1.0.0.2.ip6.arpa Dumped Wed Jan 29 09:23:13 2020
;


So it seems the zone is not generated at all.

Now I'm facing a hen and egg problem. RIPE will not create the reverse zone in ip6.arpa tree because the HE.net does not replies to SOA request, and HE.net will not create the zone because the ip6.arpa. has no information about DNS delegation.

Did you create the zone data first (SOA and NS records) and load it?

Hello,
I'm running my own AS with delegated PI IPv6 prefix, and I want to maintain the rDNS records at dns.he.net.

I have added the zone in the control panel and I see it marked as green, but when I try to create the domain record at RIPE, the form performs verification and shows "Server is not authoritative for x.x.x.x.x.x.x.x.1.0.0.2.ip6.arpa."

Even when I perform manual verification with dig, the query is refused.

Code: [Select]

dig @ns1.he.net NS x.x.x.x.x.x.x.x.1.0.0.2.ip6.arpa.

; <<>> DiG 9.11.5-P4-5.1-Debian <<>> @ns1.he.net NS x.x.x.x.x.x.x.x.1.0.0.2.ip6.arpa.
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 65222
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

Without this I cannot proceed further. Do I miss something? Is there any other action needed?

Thank you.

I think you answered your own question...you can't route a protocol over a port.  You're trying to turn protocol 41 into protocol 6.

It doesn't work like that.

Thanks for the reply. Is there anyway to get around this slow down by virgin media. I've tried the Fremont, Frankfurt, Paris and both London servers but can never get above 15mbps. What are my options.

Manos thanks

Ryan

I think you answered your own question...you can't route a protocol over a port.  You're trying to turn protocol 41 into protocol 6.

It doesn't work like that.

Hi there,

I know this is a known topic in other forums but no real solutions have been found, hoewever is there any way to route the tunel on a separate port to 41 to avoid virgin medias suspected slowing of traffic over protocol 41. I'd like to find a solution to this as currently i have 240mbps down and 22mbps up over ipv4 however over the tunnel to the lon2 server (216.66.88.98) i can never exceed 13mbps download. Is there a solution too this that i havent found.
Here is my Traceroute to google through the tunnel, no hops through germany or france - sometime seen:

Tracing route to google.com [2a00:1450:4009:819::200e]
over a maximum of 30 hops:

  1    13 ms    13 ms    21 ms  tunnel568970.tunnel.tserv1.lon2.ipv6.he.net [2001:470:1f1c:4b8::1]
  2    13 ms    26 ms    15 ms  10ge3-20.core1.lon2.he.net [2001:470:0:320::1]
  3    13 ms    15 ms    14 ms  2001:7f8:4::3b41:1
  4    13 ms    14 ms    19 ms  2001:4860:0:135e::1
  5    20 ms    13 ms    22 ms  2001:4860:0:1::2fe5
  6    18 ms    13 ms    13 ms  lhr48s09-in-x0e.1e100.net [2a00:1450:4009:819::200e]

Trace complete.

Here is my traceroute to my tunnel endpoint:

Tracing route to tserv1.lon2.he.net [216.66.88.98]
over a maximum of 30 hops:

  1     2 ms     3 ms     2 ms  router.com [192.168.0.1]
  2     *        *        *     Request timed out.
  3    11 ms    11 ms    15 ms  hers-core-2a-xe-003-0.network.virginmedia.net [80.3.32.133]
  4     *        *        *     Request timed out.
  5    18 ms    12 ms    11 ms  m686-mp2.cvx1-b.lis.dial.ntli.net [62.254.42.174]
  6    14 ms    13 ms    11 ms  10ge2-4.core1.lon2.he.net [216.66.80.117]
  7    21 ms    13 ms    10 ms  tserv1.lon2.he.net [216.66.88.98]

Trace complete.

Many Thanks in advanced

Ryan