• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Cannot "grab the file via IPv6 HTTP"

Started by JimBlake, September 06, 2010, 01:13:12 PM

Previous topic - Next topic

JimBlake

OK, so I'm an Explorer (Exploder??), trying to get to Enthusiast. My set-up is as follows: Cisco 877 with a tunnel through IPv4 to Hurricane Electric. Behind the Cisco, I have a directly connected clean install of Ubuntu 10.04, with which I can browse to IPv6 sites. I have apache2 running on the Ubuntu box. The Ubuntu box also has a simple IPv4 NIC connecting through a shorewall firewall to the Internet. Thus I have an IPv6 in IPv4 tunnel out one side of the box, and a standard IPv4 Internet link the other side. resolv.conf has the Hurricane IPv6 Name-server declared, as well as the IPv4 name-servers used for the IPv4 link.

The Ubuntu box is called V6Trial. I have delegated DNS to the Hurricane Electric DNS servers, and I have registered the name V6Trial with my Ubuntu box's IPv6 address with the Hurricane Electric servers.

Using Firefox on the Ubuntu box, I can browse to my IPv4 address and see the file mkwgvjs2ts.txt.

I can "wget 192.168.123.78/mkwgvjs2ts.txt" successfully, so I believe my Apache server and file permissions are OK

Can't wget to the IPv6 address, is there an IPv6 version of wget? I get the following when I try, so I'm assuming a wget issue:

wget 2001:470:1f09:ac6:21a:6bff:fe3c:9a06/mkwgvjs2ts.txt--2010-09-06 21:09:20--  ftp://2001/470:1f09:ac6:21a:6bff:fe3c:9a06/mkwgvjs2ts.txt
           => `mkwgvjs2ts.txt.1'
Resolving 2001... 0.0.7.209
Connecting to 2001|0.0.7.209|:21... failed: Invalid argument.


On the same pc, I can http://[2001:470:1f09:ac6:21a:6bff:fe3c:9a06]/mkwgvjs2ts.txt and get the web-server to send me the file

On the same PC I can browse to http://V6Trial/mkwgvjs2ts.txt and it gets the file. however, I am using the Firefox plugin that shows the target address and this shows it is going to 127.0.0.1, so I believe this may just be getting direct to the file rather than resolving the name off Hurricane's name-servers.

This all looks OK, but when I try to do the test, all I get is:

Could not grab the file via IPv6 HTTP

Help   Step   Description   Data
   [1]   Generate a User Code    mkwgvjs2ts
   [2]   Tell us what your IPv6 website is; FQDN please    http://V6Trial /
   [3]   We will test grabbing the file:    http://V6Trial/mkwgvjs2ts.txt
   [4]   Schedule the test:    

What am I doing wrong here? if I spend much more time trying to sort this out, my wife will be convinced that I'm surfing porn, nothing else usually holds my interest for so long!

Thanks for any suggestions

Jim Blake

jimb

V6trial isn't an FQDN.
You need a Fully Qualified Domain Name.  Like v6trial.whatever.com


cholzhauer

fwiw it should be wget6 or wget -6...probably wget -6 though

JimBlake

Thanks for the responses. I did try V6Trial.com, and configured that in the HE Nameservers, but it made no difference. I'll try it again tonight to be sure I haven't done something basic like a typo. However, as I understand it, the DNS query will go from the Linux machine to the HE nameserver (my Linux client will go to the HE nameservers because they are specified in resolv.conf), and will be recognised because the DNS query says "V6Trial" and the entry in the nameservers says "V6Trial"....or have I got it all wrong?

The DNS Server entry looks like this:

Parent Block               Address                  Hostname     
2001:470:1f09:ac6:    21a:6bff:fe3c:9a06    V6Trial

and the instructions say:"The Hostname field may contain any descriptive text without spaces. "

Any help/assistance/suggestions gratefully recieved!

Jim Blake

patrickdk

Maybe you don't understand dns?

The domain v6trail isn't owned by anyone currently. And you cannot just use any name you wish for your domain. It has to be something that can be found globally, not something you just enter into your hosts file.

If you don't currently own a domain, there are a few places that will let you borrow theirs to do some of these tests, exactly how many tests you can do with them, depends on how they set it up though.

cholzhauer

Quote
The domain v6trial isn't owned by anyone currently. And you cannot just use any name you wish for your domain. It has to be something that can be found globally, not something you just enter into your hosts file.

Right.  I assume v6trial is the name of the host you're working on; however, you also need to have a domain (like google.com) so the full DNS name would be something like v6trial.google.com

JimBlake

I don't fully understand the need for a fully qualified domain name to be available globally >:( . As I understand it, this is strictly a test between my system and the HE system. The HE systems go to their own DNS servers (upon which I have configured my IPv6 Address and name "V6Trial"), and ask "What address is held by V6Trial?" and the DNS Server will come back with the response "V6Trial has address X::y:z". At this point, the system in HE then uses IPv6 addresses....the DNS name is simply a human-readable equivalent, and in this instance (and this instance ONLY!) I don't see a need for a globally avialable name/address resolution.

However, I have very clearly got this wrong somewhere, so can anyone please treat me like a complete newbie and tell me what I have to do? I have a domain in the IPv4 world which is of format "name.net", and which I can prefix with a "wildcard" so I can address any sites of the format "prefix.name.net"  with prefix being any alphanumeric string, but I don't think that helps. Do I have to register a proper globally available IPv6 domain name? I'm happy to do that if need be.

Thanks for the help so far, apologies for being a bit slow.... ???

cholzhauer

Quote
The HE systems go to their own DNS servers (upon which I have configured my IPv6 Address and name "V6Trial"), and ask "What address is held by V6Trial?" and the DNS Server will come back with the response "V6Trial has address X::y:z".

Exactly.

However, you NEED a domain name.  v6trial.com would be a proper domain name if you had registered it with someone like GoDaddy.

Quote
I have a domain in the IPv4 world which is of format "name.net", and which I can prefix with a "wildcard" so I can address any sites of the format "prefix.name.net"

Good.  Let's assume you own name.net.  I don't know who is hosting your DNS, but you need to go there and add an AAAA record for v6trial ( say it's 2001:db8:1234:5678::2)   After you do that, wait; it'll take some time for your changes to propagate.  After you've waited, a DNS lookup for v6trial.name.net should resolve to 2001:db8:1234:5678::2. 

patrickdk

Just to clarify that a little, domains don't exist in ipv4 or ipv6 world. DNS just makes storing ipv4 and ipv6 info inside them, it handles both, at the same time even.

But whoever hosts your domain dns servers, will have to have AAAA support for you to get this working. And as you get down into high level tests, you will have to add more records, like a MX entry for email that uses an AAAA record also, and NS entries that use AAAA. So if you find your current people that are hosting your dns, don't have their servers setup for ipv6 support, and don't have ipv6 addresses on them, you may want to not use that domain for these tests, and save yourself some hassle later on.

Now you can still use it if you want, but if you really want to complete all the tests with it, and they don't support it, you will have to move your domain to someplace that does support it, or get stuck later (you can request they reset your tests and can restart with a new domain).

JimBlake

But I have set up a record in the HE nameservers, and I am operating via a tunnel direct into their nameservers. I have set up a record in their nameservers for my "domain". While I apreciate that long-term, I will need a dns server and a domain that I can manipulate freely, I cannot see (OK, I'm probably thick, but humour me!) why when resolv.conf mandates the use of a specific server, that the server is "adjacent" in terms of the tunnel connection, and the testing server presumably uses the same HE DNS servers as my system will do because of resolv.conf, why I can't get this to work.

"But whoever hosts your domain dns servers, will have to have AAAA support for you to get this working" is exactly the point....I am artificially constraining the network to use the HE nameservers....and I'm assuming that they can resolve the name V6Trial, even though it won't work in the "real world"

Sorry Guys, I'm being thick here, but I'm missing what you're telling me....words of one syllable or less, please :-[


patrickdk

Your assumtion that you are tunneling direct to HE's nameservers is incorrect.

The tunnels go to the tunnel servers.

HE's nameservers are completely seperate (atleast from a function point of view, if not physically)

The HE webservers that do the testing, use HE's recursive servers (completely seperate from HE's nameservers)

So in order for the webservers to lookup a name, it contacts the recursive servers, that then look out on the internet for the name, IF the domain then points back to HE's nameservers, it uses them, but it doesn't use them by default at all.

cholzhauer

OK, lets do it this way.

What is your fully qualified domain name?  For example, the server I used for my testing was mars.sscorp.com  (mars = host, sscorp.com = domain.  The two together = fully qualified domain name)  Once you give me that, I can do some look ups and see what's going on.

Keep in mind that resolv.conf only works for that computer, not the whole domain/network/Internet.

Quote
...exactly the point....I am artificially constraining the network to use the HE nameservers....and I'm assuming that they can resolve the name V6Trial, even though it won't work in the "real world"...

But they still work the same way as the "real world"  What you're doing would probably work locally (from my PC, I could do a "nslookup mars" and have it return an address, but you would not be able to do that from your end.  Just because you're using HE for your tunnel and  DNS doesn't make them "part of your network"

JimBlake

Thanks for all your comments, it was patrickdk's reply that finally set me on my way forward. I set up a proper domain in freedns, waited till I could ping the name as well as the address (about an hour for the DNS records to propagate) then tried it again...and it worked a treat. It was difficult because I misinterpreted what the HE DNS servers were doing.   :D

doneill

in your wget error, you passed an invalid ipv6 url.

according to http://www.faqs.org/rfcs/rfc2732.html you should do something like:

Quote# wget -O /tmp/test.jpg http://[2001:470:b:126:1::1]/~doneill/tom-on-a-kodo.jpg
--2010-09-15 12:37:43--  http://[2001:470:b:126:1::1]/~doneill/tom-on-a-kodo.jpg
Connecting to 2001:470:b:126:1::1:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 84254 (82K) [image/jpeg]
Saving to: `/tmp/test.jpg'

100%[===================================================================================================================>] 84,254       162K/s   in 0.5s   

2010-09-15 12:37:43 (162 KB/s) - `/tmp/test.jpg' saved [84254/84254]

note the same brackets as used in a browser. :)

... of course, i could have lazily missed the point of your problem?

cholzhauer

Quote

... of course, i could have lazily missed the point of your problem?

I think so ;)  The problem was that he didn't have a FQDN to test with