Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: nameserver's problem  (Read 6699 times)

helel

  • Newbie
  • *
  • Posts: 3
nameserver's problem
« on: June 11, 2008, 01:35:41 PM »

Hi to all
I've got a big problem on setting my nameserver on my subnet classes.
What I should do ?
Can you see if there are problems on dns settings ?
Thank you a lot!
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1722
Re: nameserver's problem
« Reply #1 on: June 11, 2008, 03:12:07 PM »

I see that you've set delegation to ns1-3.afraid.org

What exactly is the problem, we need more details.

Also remember that you can only delegate for your routed /64 and /48 allocations, and never the point-to-point /64.
Logged

helel

  • Newbie
  • *
  • Posts: 3
Re: nameserver's problem
« Reply #2 on: June 11, 2008, 03:14:35 PM »

debian:~# host -n 2001:470:1f0b:40c:: ns1.he.net
Using domain server:
Name: ns1.he.net
Address: 216.218.130.2#53
Aliases:

0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa has no PTR record

debian:~# dig 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa NS

; <<>> DiG 9.4.2 <<>> 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa NS
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 18631
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. IN NS

;; Query time: 1008 msec
;; SERVER: 85.37.17.43#53(85.37.17.43)
;; WHEN: Thu Jun 12 00:14:01 2008
;; MSG SIZE  rcvd: 90


This is my problem, no NS setted
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1722
Re: nameserver's problem
« Reply #3 on: June 11, 2008, 03:26:12 PM »

All 5 HE.NET nameservers know to delegate to ns1-3.afraid.org

Query against ns1.he.net shows delegation:
Code: [Select]
dig @ns1.he.net -x 2001:0470:1f0b:40c::1

; <<>> DiG 9.5.0rc1 <<>> @ns1.he.net -x 2001:0470:1f0b:40c::1
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32548
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR

;; AUTHORITY SECTION:
c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS ns1.afraid.org.
c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS ns2.afraid.org.
c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS ns3.afraid.org.

;; Query time: 3 msec
;; SERVER: 216.218.130.2#53(216.218.130.2)
;; WHEN: Wed Jun 11 15:23:49 2008
;; MSG SIZE  rcvd: 154

Query against delegated server ns1.afraid.org shows the REFUSED status
Code: [Select]
dig @ns1.afraid.org -x 2001:0470:1f0b:40c::1

; <<>> DiG 9.5.0rc1 <<>> @ns1.afraid.org -x 2001:0470:1f0b:40c::1
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 31806
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.0.4.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR

;; Query time: 44 msec
;; SERVER: 67.19.72.206#53(67.19.72.206)
;; WHEN: Wed Jun 11 15:23:59 2008
;; MSG SIZE  rcvd: 90

You'll want to check your rDNS configuration with afraid.org.
Logged

snarked

  • Hero Member
  • *****
  • Posts: 766
name servers?
« Reply #4 on: July 04, 2008, 07:57:47 PM »

I note that the IPv6 lookups do reference all 5 of HE's name servers.  However, the forward lookup does not.

Quote
he.net.              170251  NS      ns1.he.net.
                        170251  NS      ns2.he.net.
                        170251  NS      ns3.he.net.

No ns4 or ns5.  Intentional or an oversight?
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1722
Re: name servers?
« Reply #5 on: July 05, 2008, 01:11:37 PM »

I note that the IPv6 lookups do reference all 5 of HE's name servers.  However, the forward lookup does not.

Quote
he.net.              170251  NS      ns1.he.net.
                        170251  NS      ns2.he.net.
                        170251  NS      ns3.he.net.

No ns4 or ns5.  Intentional or an oversight?

ns4-5 are recently added (last 6mo+) to our production authoritative nameserver pool. The first step was to migrate the rDNS for our /32 from ns1.ipv6.he.net/ns2.ipv6.he.net to all 5 nameservers. The next phase is working with the registrar to get glue, as well as updating to have all 5 listed for our domain. Since the first 3 work without issue serving all the forward entries we host, we haven't felt pressed for time on adding the remaining 2 nameservers so we don't have an ETA on when the other 2 will be added at the registrar.
Logged