• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

[SOLVED]: How to use the HE Free DNS Management

Started by ratcheer, March 04, 2011, 11:07:43 AM

Previous topic - Next topic

ratcheer

I am trying to configure things to do the Enthusiast certification. I am a bit confused about the domain registration that I apparently performed, successfully.

I am managing zone 2001:470:8:b57::/64. I requested 2001:470:8:b57:230::1 to be added as hostname ratcheer.com. This was successful.

On my client host, I started apache2. It states that it is "using 2001:470:8:b57:230:1bff:feb5:9a1d for ServerName".

Did I set up the domain correctly? I cannot ping or nslookup or dig ratcheer.com. Obviously, I need to change something, but what?

Thanks,
Tim

cholzhauer


-bash-3.00$ host ratcheer.com
Host ratcheer.com not found: 3(NXDOMAIN)


You need to assign an AAAA record for ratcheer.com.  That AAAA record needs to point at 2001:470:8:b57:230:1bff:feb5:9a1d

jrocha

Quote from: ratcheer on March 04, 2011, 11:07:43 AM
I am trying to configure things to do the Enthusiast certification. I am a bit confused about the domain registration that I apparently performed, successfully.

I am managing zone 2001:470:8:b57::/64. I requested 2001:470:8:b57:230::1 to be added as hostname ratcheer.com. This was successful.

On my client host, I started apache2. It states that it is "using 2001:470:8:b57:230:1bff:feb5:9a1d for ServerName".

It also sounds like your apache configuration is incorrect, and is using your IP address as ServerName, which isn't usually what you want to do.

ratcheer

Quote from: jrocha on March 04, 2011, 02:41:47 PM

It also sounds like your apache configuration is incorrect, and is using your IP address as ServerName, which isn't usually what you want to do.

Could be. I have always been a database person. I'm afraid I'm in over my head with all this networking stuff.  ???

Tim

snarked

QuoteI am managing zone 2001:470:8:b57::/64....
Usually, the third quad for your delegated /64 is an odd number.  Are you certain you're using the correct subnet?

ratcheer

Quote from: snarked on March 04, 2011, 11:50:20 PM
QuoteI am managing zone 2001:470:8:b57::/64....
Usually, the third quad for your delegated /64 is an odd number.  Are you certain you're using the correct subnet?

The odd number (7) is on my tunnel endpoint, a router. All the host nodes are on my routed /64, with the 8. I don't know which one the domain name is supposed to point to - like my title says, I am a newbie.  ;)

Tim

ratcheer

snarked, I just looked up how I arrived at what I used. The zone was pre-populated by the HE DNS web site. It came from my RDNS assignment that was made when I created my tunnel. Here is what the info popup for that operation says:

QuoteThese are the Name Servers we will delegate authority for the "Routed /64" and "Routed /48" above.

We DO NOT delegate RDNS for the "Server IPv6 Address" or "Client IPv6 Address" above.

So, as nearly as I can tell, I have done things correctly.

Tim

jgeorge

Quote from: ratcheer on March 04, 2011, 11:07:43 AM
I requested 2001:470:8:b57:230::1 to be added as hostname ratcheer.com. This was successful.

On my client host, I started apache2. It states that it is "using 2001:470:8:b57:230:1bff:feb5:9a1d for ServerName".

I guess the more obvious question here is: did you define your host running Apache to use the IP address of 2001:470:8:b57:230::1? And if so, why?

The 2001:470:8:b57:230:1bff:feb5:9a1d address you're getting on the host is an autoconfigured address based on the server's NIC's MAC address (the ff:fe in the address is a dead giveaway that this is happening).

If you have your machine set to automatically obtain an IPv6 address, that's the kind of address you're going to get (with *nix, Windows is (of course) a little different because it defaults to a random IPv6 address for security). However, unless you specifically define an IPv6 address you want for the server, you're going to get some kind of autoconfigured address.

If you specifically want 2001:470:8:b57:230::1 you need to define that address on your server (how depends on what OS you're running).

Defining a specific address for a specific host/domain in DNS doesn't really change anything - it's more or less up to you to tell DNS what's right, not necessary for you to tell DNS what you want and then the machines figure it out. :)  I apologize if that sounds like really basic information but from the wording in your original post it seems like it might be worth clarifying.

Rather than readdress your server (unless you really want to), since you have a perfectly workable IPv6 address for it right now, why not just change your DNS to point ratcheer.com to 2001:470:8:b57:230:1bff:feb5:9a1d?

Joe

ratcheer

Quote from: jgeorge on March 05, 2011, 09:23:15 AM

I guess the more obvious question here is: did you define your host running Apache to use the IP address of 2001:470:8:b57:230::1? And if so, why?

The 2001:470:8:b57:230:1bff:feb5:9a1d address you're getting on the host is an autoconfigured address based on the server's NIC's MAC address (the ff:fe in the address is a dead giveaway that this is happening).

If you have your machine set to automatically obtain an IPv6 address, that's the kind of address you're going to get (with *nix, Windows is (of course) a little different because it defaults to a random IPv6 address for security). However, unless you specifically define an IPv6 address you want for the server, you're going to get some kind of autoconfigured address.

If you specifically want 2001:470:8:b57:230::1 you need to define that address on your server (how depends on what OS you're running).

Defining a specific address for a specific host/domain in DNS doesn't really change anything - it's more or less up to you to tell DNS what's right, not necessary for you to tell DNS what you want and then the machines figure it out. :)  I apologize if that sounds like really basic information but from the wording in your original post it seems like it might be worth clarifying.

Rather than readdress your server (unless you really want to), since you have a perfectly workable IPv6 address for it right now, why not just change your DNS to point ratcheer.com to 2001:470:8:b57:230:1bff:feb5:9a1d?

Joe

Thank you. Yes, I need all the clarification I can get. I apologize for being so dense.

I simply installed apache2 in Linux and it started itself up and gave me that information. I assumed it was correct information.

Just a few minutes ago, I registered ratcheer.com with a registrar. Once that process has completed, I will try to continue with this. I hope I will be able to configure my domain registration to associate with he's nameservers. If I can't, I have just wasted $5.

Tim

jgeorge

Quote from: ratcheer on March 05, 2011, 01:34:55 PM
Thank you. Yes, I need all the clarification I can get. I apologize for being so dense.

Pfft. No apologies. This isn't kindergarten level IP stuff we're talking about here, it'll take anyone a little bit to get their heads around how it works.

Quote from: ratcheer on March 05, 2011, 01:34:55 PM
I simply installed apache2 in Linux and it started itself up and gave me that information. I assumed it was correct information.

Good assumption - it indeed gave  you the correct information for what it was configured for. :)

Quote from: ratcheer on March 05, 2011, 01:34:55 PM
Just a few minutes ago, I registered ratcheer.com with a registrar. Once that process has completed, I will try to continue with this. I hope I will be able to configure my domain registration to associate with he's nameservers. If I can't, I have just wasted $5.

You should be able to specify what DNS servers your domain points to. Point it to HE's DNS servers then you can manage your DNS to your heart's content. :)

Joe

broquea

#10
QuoteJust a few minutes ago, I registered ratcheer.com with a registrar

If your domain wasn't registered to begin with (as of your first post), then there shouldn't have been an expectation it would work. Again, we do _not_ query our authoritative name servers directly for anything unless as part of the second test at Guru (direct query against listed auth NS). All lookups are against caching recursors. If the domain wasn't valid, then the lookups would fail.

snarked

OK, maybe your tunnel server was different, but HE usually puts the routed/64 on the odd third-quad and the tunnel/64 on the even-third quad.  This is definently true for Los Angeles and Zurich, and generally true for all other servers I've seen questions about.

broquea

Quote from: snarked on March 05, 2011, 03:35:12 PM
OK, maybe your tunnel server was different, but HE usually puts the routed/64 on the odd third-quad and the tunnel/64 on the even-third quad.  This is definently true for Los Angeles and Zurich, and generally true for all other servers I've seen questions about.

Was true when we manually assigned & allocated /48s for that kind of use. Then the auto-allocation utility was built into our in-house IP management system, and we opted for using the new lazy-tool :) (also why we stopped allocating out of 1fxx, it starts with the next available range starting from 2001:470:2:: )

ratcheer

Quote from: broquea on March 05, 2011, 02:27:33 PM
QuoteJust a few minutes ago, I registered ratcheer.com with a registrar

If your domain wasn't registered to begin with (as of your first post), then there shouldn't have been an expectation it would work. Again, we do _not_ query our authoritative name servers directly for anything unless as part of the second test at Guru (direct query against listed auth NS). All lookups are against caching recursors. If the domain wasn't valid, then the lookups would fail.

Yes, but I did not find enough info in the certification materials to lead me to that understanding. Looking through this forum, I find that I am not the first to have to have it explained. Thank you.

Tim

ratcheer

#14
Ok, I am still lost.

I registered a new domain (ratcheer.com) and waited a day for the registration to be completed. Then, I went to the hosting provider, selected my new domain, and pointed its DNS to the ns?.he.net servers (?=2,3,4,5). Then, I went to HE DNS and pointed my client PC's full IPv6 address to my new domain. It still doesn't work. If I dig my domain name, it still comes back with the IP of my hosting service's server.

Is this a completely wrong way to try to do it? Or do I just need to wait a while for all the changes to work their way through the system?

Thanks,
Tim