• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Need help with Enthusiast: Could not grab the file via IPv6 HTTP

Started by nouri, August 04, 2010, 08:59:30 AM

Previous topic - Next topic

nouri

Hello Everyone,

I have the same problem:
Can somebody help?

The web server on port 80 seems to be addressable in IPv6:

wget -6 http://[2001:470:1f12:3eb::2]/2usbkft647.txt
--2010-08-04 13:47:18--  http://[2001:470:1f12:3eb::2]/2usbkft647.txt
Connecting to 2001:470:1f12:3eb::2:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 0 [text/plain]
Saving to: `2usbkft647.txt.6'

   [ <=>                                                                       ] 0           --.-K/s   in 0s

2010-08-04 13:47:18 (0.00 B/s) - `2usbkft647.txt.6' saved [0/0]



But the address resolution of FQHN gives the IPv4 address:


wget http://ajnouri.hd.free.fr/2usbkft647.txt
--2010-08-04 13:40:58--  http://ajnouri.hd.free.fr/2usbkft647.txt
Resolving ajnouri.hd.free.fr... 88.182.185.14
Connecting to ajnouri.hd.free.fr|88.182.185.14|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 0 [text/plain]
Saving to: `2usbkft647.txt.5'

   [ <=>                                                                       ] 0           --.-K/s   in 0s

2010-08-04 13:40:58 (0.00 B/s) - `2usbkft647.txt.5' saved [0/0]

#  


The server as well as the file is accessible from outside using IPv6 as url in the browser. But the enthusiast test fails.
I though may because The IPv6 is resolved to IPv4, but wireshak at the server shows http stream from the certification server side exchanging with the apache server using the tunnel IPv6:

12:47:37.941404 IP tserv10.par1.ipv6.he.net > vol75-16-88-182-185-14.fbx.proxad.net: IP6 ipv6.he.net.www > nouri-1-pt.tunnel.tserv10.par1.ipv6.he.n        et.59897: S 600154586:600154586(0) ack 2330577658 win 5712 <mss[|tcp]>
12:47:37.941447 IP vol75-16-88-182-185-14.fbx.proxad.net > tserv10.par1.ipv6.he.net: IP6 nouri-1-pt.tunnel.tserv10.par1.ipv6.he.net.59897 > ipv6.he        .net.www: . ack 1 win 89 <nop,nop,[|tcp]>
12:47:37.941523 IP vol75-16-88-182-185-14.fbx.proxad.net > tserv10.par1.ipv6.he.net: IP6 nouri-1-pt.tunnel.tserv10.par1.ipv6.he.net.59897 > ipv6.he        .net.www: P 1:785(784) ack 1 win 89 <nop,nop,[|tcp]>
12:47:38.138494 IP tserv10.par1.ipv6.he.net > vol75-16-88-182-185-14.fbx.proxad.net: IP6 ipv6.he.net.www > nouri-1-pt.tunnel.tserv10.par1.ipv6.he.n        et.59897: . ack 785 win 114 <nop,nop,[|tcp]>
12:47:39.897888 IP tserv10.par1.ipv6.he.net > vol75-16-88-182-185-14.fbx.proxad.net: IP6 ipv6.he.net.www > nouri-1-pt.tunnel.tserv10.par1.ipv6.he.n        et.59897: P 1:531(530) ack 785 win 114 <nop,nop,[|tcp]>
12:47:39.897934 IP vol75-16-88-182-185-14.fbx.proxad.net > tserv10.par1.ipv6.he.net: IP6 nouri-1-pt.tunnel.tserv10.par1.ipv6.he.net.59897 > ipv6.he        .net.www: . ack 531 win 106 <nop,nop,[|tcp]>


Thank you  in advance everyone.
<a href="http://ipv6.he.net/certification/scoresheet.php?pass_name=nouri" target="_blank"><img src="http://ipv6.he.net/certification/create_badge.php?pass_name=nouri&badge=3" width=229 height=137 border=0 alt="IPv6 Certification Badge for nouri"></img></a>

broquea

Did you create an AAAA record, because I'm not seeing one:

~$ wget -6 http://ajnouri.hd.free.fr/2usbkft647.txt -O /dev/null
--2010-08-04 09:10:54--  http://ajnouri.hd.free.fr/2usbkft647.txt
Resolving ajnouri.hd.free.fr... failed: No address associated with hostname.
wget: unable to resolve host address `ajnouri.hd.free.fr'
~$ dig aaaa ajnouri.hd.free.fr +trace

; <<>> DiG 9.7.0-P1 <<>> aaaa ajnouri.hd.free.fr +trace
;; global options: +cmd
. 438407 IN NS d.root-servers.net.
. 438407 IN NS j.root-servers.net.
. 438407 IN NS b.root-servers.net.
. 438407 IN NS i.root-servers.net.
. 438407 IN NS e.root-servers.net.
. 438407 IN NS l.root-servers.net.
. 438407 IN NS f.root-servers.net.
. 438407 IN NS c.root-servers.net.
. 438407 IN NS a.root-servers.net.
. 438407 IN NS m.root-servers.net.
. 438407 IN NS g.root-servers.net.
. 438407 IN NS h.root-servers.net.
. 438407 IN NS k.root-servers.net.
;; Received 509 bytes from 74.82.42.42#53(74.82.42.42) in 2 ms

fr. 172800 IN NS g.ext.nic.fr.
fr. 172800 IN NS d.ext.nic.fr.
fr. 172800 IN NS d.nic.fr.
fr. 172800 IN NS e.ext.nic.fr.
fr. 172800 IN NS f.ext.nic.fr.
fr. 172800 IN NS a.nic.fr.
fr. 172800 IN NS c.nic.fr.
;; Received 436 bytes from 2001:503:ba3e::2:30#53(a.root-servers.net) in 3 ms

free.fr. 172800 IN NS freens1-g20.free.fr.
free.fr. 172800 IN NS freens2-g20.free.fr.
;; Received 120 bytes from 2001:67c:1010:11::53#53(f.ext.nic.fr) in 141 ms

hd.free.fr. 86400 IN NS ns3-rev.proxad.net.
hd.free.fr. 86400 IN NS ns2-rev.proxad.net.
;; Received 90 bytes from 212.27.60.19#53(freens1-g20.free.fr) in 168 ms

;; Received 36 bytes from 212.27.53.199#53(ns2-rev.proxad.net) in 164 ms

nouri

Thank you for your prompt reply, obviously I missed something here, it seems that  the enthusiast certification doesn't ask for adding an AAAA record?
If it's implicit, how can I do it?

[1]   Generate a User Code     2usbkft647
[2]   Tell us what your IPv6 website is; FQDN please    http://ajnouri.hd.free.fr /
[3]   We will test grabbing the file:    http://ajnouri.hd.free.fr/2usbkft647.txt
[4]   Schedule the test:
<a href="http://ipv6.he.net/certification/scoresheet.php?pass_name=nouri" target="_blank"><img src="http://ipv6.he.net/certification/create_badge.php?pass_name=nouri&badge=3" width=229 height=137 border=0 alt="IPv6 Certification Badge for nouri"></img></a>

nouri

In dns.he.net I added the domain "free.fr" and an "A record" for "ajnouri.hd.free.fr" :

dig aaaa ajnouri.hd.free.fr ns1.he.net

; <<>> DiG 9.5.0-P2 <<>> aaaa ajnouri.hd.free.fr ns1.he.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 24166
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ajnouri.hd.free.fr.            IN      AAAA

;; Query time: 3489 msec
;; SERVER: 212.27.54.252#53(212.27.54.252)
;; WHEN: Wed Aug  4 15:30:47 2010
;; MSG SIZE  rcvd: 36

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1.he.net.                    IN      AAAA

;; AUTHORITY SECTION:
he.net.                 86400   IN      SOA     ns1.he.net. hostmaster.he.net. 201008040 10800 1800 604800 86400

;; Query time: 37 msec
;; SERVER: 212.27.54.252#53(212.27.54.252)
;; WHEN: Wed Aug  4 15:30:47 2010
;; MSG SIZE  rcvd: 75

<a href="http://ipv6.he.net/certification/scoresheet.php?pass_name=nouri" target="_blank"><img src="http://ipv6.he.net/certification/create_badge.php?pass_name=nouri&badge=3" width=229 height=137 border=0 alt="IPv6 Certification Badge for nouri"></img></a>

broquea

Unless you can create AAAA records in the free.fr zone, randomly creating stuff on our name servers won't help if we aren't listed as authoritative for that domain. We never query our authoritative name servers; only our caching recursors. So if you don't have control over free.fr zone entries, then you should probably use your own domain that you can control.

dig ns ajnouri.hd.free.fr +trace

; <<>> DiG 9.7.0-P1 <<>> ns ajnouri.hd.free.fr +trace
;; global options: +cmd
. 433136 IN NS f.root-servers.net.
. 433136 IN NS m.root-servers.net.
. 433136 IN NS d.root-servers.net.
. 433136 IN NS j.root-servers.net.
. 433136 IN NS g.root-servers.net.
. 433136 IN NS h.root-servers.net.
. 433136 IN NS a.root-servers.net.
. 433136 IN NS k.root-servers.net.
. 433136 IN NS e.root-servers.net.
. 433136 IN NS l.root-servers.net.
. 433136 IN NS i.root-servers.net.
. 433136 IN NS c.root-servers.net.
. 433136 IN NS b.root-servers.net.
;; Received 497 bytes from 74.82.42.42#53(74.82.42.42) in 2 ms

fr. 172800 IN NS a.nic.fr.
fr. 172800 IN NS c.nic.fr.
fr. 172800 IN NS d.ext.nic.fr.
fr. 172800 IN NS d.nic.fr.
fr. 172800 IN NS e.ext.nic.fr.
fr. 172800 IN NS f.ext.nic.fr.
fr. 172800 IN NS g.ext.nic.fr.
;; Received 438 bytes from 2001:500:3::42#53(l.root-servers.net) in 10 ms

free.fr. 172800 IN NS freens2-g20.free.fr.
free.fr. 172800 IN NS freens1-g20.free.fr.
;; Received 120 bytes from 2001:500:14:6039:ad::1#53(g.ext.nic.fr) in 2 ms

hd.free.fr. 86400 IN NS ns3-rev.proxad.net.
hd.free.fr. 86400 IN NS ns2-rev.proxad.net.
;; Received 90 bytes from 212.27.60.20#53(freens2-g20.free.fr) in 171 ms

;; Received 36 bytes from 212.27.53.199#53(ns2-rev.proxad.net) in 161 ms

patrickdk

even if you did support it, it wouldn't work due to dig command syntax error.

dig aaaa ajnouri.hd.free.fr @recursive.dnsserver.net

patrickdk

and looking more into it,

ns2-rev.proxad.net only responds with a single A record, no AAAA
and
ns3-rev.proxad.net doesn't respond with anything at all

nouri

Thank you guys for your answers,

The issue here that I have control only over my host with a reverse name given by my Internet provider!
Is there any suggestion about a domainname hoster that can offer such control over the nameserver (A, AAAA, NS, glue) records and using my  host as ipv6 web server, in short to perform HE certifications? Maybe HE itself?

Thank you for your assistance.
<a href="http://ipv6.he.net/certification/scoresheet.php?pass_name=nouri" target="_blank"><img src="http://ipv6.he.net/certification/create_badge.php?pass_name=nouri&badge=3" width=229 height=137 border=0 alt="IPv6 Certification Badge for nouri"></img></a>

cholzhauer


broquea

You can use dns.he.net for hosting the records, however it must be a domain you bought/registered and have pointed to our name servers.

nouri

Thank you guys for your help, I have just bought a domain with control over my zone nameserver, now proceeding with the certifications.
<a href="http://ipv6.he.net/certification/scoresheet.php?pass_name=nouri" target="_blank"><img src="http://ipv6.he.net/certification/create_badge.php?pass_name=nouri&badge=3" width=229 height=137 border=0 alt="IPv6 Certification Badge for nouri"></img></a>

nouri

Finally "Sage" !
It is amazing how much new things I have learned, especially with DNS implementation, and brushed up my knowledge of IPv6 with these certifications.

Keep up your work !
AJN
<a href="http://ipv6.he.net/certification/scoresheet.php?pass_name=nouri" target="_blank"><img src="http://ipv6.he.net/certification/create_badge.php?pass_name=nouri&badge=3" width=229 height=137 border=0 alt="IPv6 Certification Badge for nouri"></img></a>

jimb