• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Difficulty passing Administrator test

Started by jasc22, April 28, 2011, 10:31:27 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions

jasc22

#15
May 03, 2011, 02:57:54 PM
Thx johnpoz!!! ATT was blocking port 25. I resolved the issues per your email below and then tried but still no luck. Checking my system to see if there are any configuration issues that I need to resolve.

johnpoz

#16
May 04, 2011, 07:00:40 AM
what did you fix??  You still have the same problem

dig 5103.jasc22.com AAAA +trace

;; Received 493 bytes from 2001:7fd::1#53(k.root-servers.net) in 90 ms

jasc22.com.             172800  IN      NS      ns1.he.net.
jasc22.com.             172800  IN      NS      ns2.he.net.
jasc22.com.             172800  IN      NS      ns3.he.net.
jasc22.com.             172800  IN      NS      ns4.he.net.
jasc22.com.             172800  IN      NS      ns5.he.net.
jasc22.com.             172800  IN      NS      ns71.domaincontrol.com.
jasc22.com.             172800  IN      NS      ns72.domaincontrol.com.
;; Received 405 bytes from 192.48.79.30#53(j.gtld-servers.net) in 191 ms

jasc22.com.             86400   IN      SOA     ns71.domaincontrol.com. dns.jomax.net. 2011050303 28800 7200 604800 8640          0
;; Received 104 bytes from 216.69.185.46#53(ns71.domaincontrol.com) in 47 ms

Notice when ns71.domaincontrol.com gets asked for AAAA of your mail host you get just SOA - fail!!

If one of the he.net servers get ask you return

5103.jasc22.com.        300     IN      AAAA    2001:470:d:ee7::2
;; Received 61 bytes from 2001:470:300::2#53(ns3.he.net) in 90 ms

But I still show that not answering on 25 anyway!!

telnet 5103.jasc22.com 25
Trying 2001:470:d:ee7::2...

Just hangs -- so you still have a dns problem, and you still have a port blocked problem.  So yeah email never going to work.




jasc22

#17
May 04, 2011, 10:49:30 AM
hi johnpoz.....so when i try to run dig 5103.jasc22.com AAAA +trace i get the following error. I ran other dig commands and it seems like it's working. Please let me know your thoughts. As well, I have included my mail.log and I received the email but still having issues with postfix.

Code Select

s733l@5103:~$ dig 5103.jasc22.com AAAA +trace

; <<>> DiG 9.7.1-P2 <<>> 5103.jasc22.com AAAA +trace
;; global options: +cmd
;; connection timed out; no servers could be reached


Code Select

s733l@5103:~$ dig 5103.jasc22.com AAAA +trace

; <<>> DiG 9.7.1-P2 <<>> 5103.jasc22.com AAAA +trace
;; global options: +cmd
;; connection timed out; no servers could be reached


However, when I run the following I get the results below.

Code Select

s733l@5103:~$ dig any jasc22.com

; <<>> DiG 9.7.1-P2 <<>> any jasc22.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30888
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;jasc22.com. IN ANY

;; ANSWER SECTION:
jasc22.com. 300 IN MX 10 5103.jasc22.com.
jasc22.com. 86400 IN SOA ns1.he.net. hostmaster.he.net. 2011050309 10800 1800 604800 86400
jasc22.com. 300 IN AAAA 2001:470:d:ee7::2
jasc22.com. 300 IN NS ns4.he.net.
jasc22.com. 300 IN NS ns3.he.net.
jasc22.com. 300 IN NS ns5.he.net.
jasc22.com. 300 IN NS ns2.he.net.
jasc22.com. 300 IN NS ns1.he.net.

;; Query time: 61 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Wed May  4 10:44:24 2011
;; MSG SIZE  rcvd: 236

Code Select

s733l@5103:~$ dig @ns1.he.net -x 2001:470:d:ee7::2

; <<>> DiG 9.7.1-P2 <<>> @ns1.he.net -x 2001:470:d:ee7::2
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48445
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.e.e.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR

;; ANSWER SECTION:
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.e.e.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 86400 IN PTR jasc22.com.

;; Query time: 36 msec
;; SERVER: 216.218.130.2#53(216.218.130.2)
;; WHEN: Wed May  4 10:44:59 2011
;; MSG SIZE  rcvd: 114


Code Select

s733l@5103:~$ dig aaaa 5103.jasc22.com +short
2001:470:d:ee7::2


Below is my mail.log....I did receive the email but having issues with postfix seems like it.
Code Select

May  4 08:26:45 5103 postfix/cleanup[3209]: 7EB1A9A0372: message-id=<4dc1703592b3b.1304522805@ipv6.he.net>
May  4 08:26:45 5103 postfix/qmgr[3072]: 7EB1A9A0372: from=<ipv6@he.net>, size=439, nrcpt=1 (queue active)
May  4 08:30:31 5103 postfix/cleanup[3473]: EB4759A038A: message-id=<4dc17117078fe.1304523031@ipv6.he.net>
May  4 08:30:31 5103 postfix/qmgr[3461]: EB4759A038A: from=<ipv6@he.net>, size=439, nrcpt=1 (queue active)
May  4 08:34:44 5103 postfix/qmgr[3644]: 7EB1A9A0372: from=<ipv6@he.net>, size=439, nrcpt=1 (queue active)
May  4 08:36:30 5103 postfix/qmgr[3891]: EB4759A038A: from=<ipv6@he.net>, size=439, nrcpt=1 (queue active)
May  4 08:47:24 5103 postfix/qmgr[4155]: 7EB1A9A0372: from=<ipv6@he.net>, size=439, nrcpt=1 (queue active)
May  4 08:47:24 5103 postfix/qmgr[4155]: EB4759A038A: from=<ipv6@he.net>, size=439, nrcpt=1 (queue active)
May  4 08:48:49 5103 postfix/cleanup[4323]: 6D3489A0388: message-id=<4dc1703592b3b.1304522805@ipv6.he.net>
May  4 08:48:49 5103 postfix/qmgr[4155]: 6D3489A0388: from=<ipv6@he.net>, size=853, nrcpt=1 (queue active)
May  4 08:48:49 5103 postfix/cleanup[4326]: BD6A29A03C0: message-id=<4dc17117078fe.1304523031@ipv6.he.net>
May  4 08:48:49 5103 postfix/qmgr[4155]: BD6A29A03C0: from=<ipv6@he.net>, size=853, nrcpt=1 (queue active)
May  4 08:48:50 5103 postfix/smtp[4327]: B6FAE9A03BF: to=<ipv6@he.net>, relay=he.net[2001:470:0:76::2]:25, delay=0.58, delays=0.1/0.1/0.24/0.14, dsn=4.0.0, status=deferred (host he.net[2001:470:0:76::2] said: 450 Mailbox temporarily unavailable, sorry (in reply to end of DATA command))
May  4 08:48:50 5103 postfix/smtp[4328]: 13EF59A038A: to=<ipv6@he.net>, relay=he.net[2001:470:0:76::2]:25, delay=0.61, delays=0.2/0.03/0.25/0.14, dsn=4.0.0, status=deferred (host he.net[2001:470:0:76::2] said: 450 Mailbox temporarily unavailable, sorry (in reply to end of DATA command))
May  4 08:57:25 5103 postfix/smtp[4539]: B6FAE9A03BF: to=<ipv6@he.net>, relay=he.net[2001:470:0:76::2]:25, delay=516, delays=514/0.04/0.24/1.1, dsn=2.0.0, status=sent (250 Email accepted)
May  4 08:57:30 5103 postfix/smtp[4540]: 13EF59A038A: to=<ipv6@he.net>, relay=he.net[2001:470:0:76::2]:25, delay=520, delays=514/0.04/5.2/1.1, dsn=2.0.0, status=sent (250 Email accepted)

jasc22

#18
May 04, 2011, 12:17:57 PM
Okay...had to make changes to resolv.conf and below is what I got. thx for all your help, johnpoz!! :)

Code Select

s733l@5103:~$ dig 5103.jasc22.com AAAA +trace

; <<>> DiG 9.7.1-P2 <<>> 5103.jasc22.com AAAA +trace
;; global options: +cmd
. 476485 IN NS i.root-servers.net.
. 476485 IN NS d.root-servers.net.
. 476485 IN NS b.root-servers.net.
. 476485 IN NS e.root-servers.net.
. 476485 IN NS a.root-servers.net.
. 476485 IN NS c.root-servers.net.
. 476485 IN NS j.root-servers.net.
. 476485 IN NS m.root-servers.net.
. 476485 IN NS h.root-servers.net.
. 476485 IN NS l.root-servers.net.
. 476485 IN NS f.root-servers.net.
. 476485 IN NS g.root-servers.net.
. 476485 IN NS k.root-servers.net.
;; Received 228 bytes from 68.94.156.1#53(68.94.156.1) in 26 ms

com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
;; Received 505 bytes from 2001:503:ba3e::2:30#53(a.root-servers.net) in 38 ms

jasc22.com. 172800 IN NS ns1.he.net.
jasc22.com. 172800 IN NS ns2.he.net.
jasc22.com. 172800 IN NS ns3.he.net.
jasc22.com. 172800 IN NS ns4.he.net.
jasc22.com. 172800 IN NS ns5.he.net.
jasc22.com. 172800 IN NS ns71.domaincontrol.com.
jasc22.com. 172800 IN NS ns72.domaincontrol.com.
;; Received 405 bytes from 2001:503:a83e::2:30#53(a.gtld-servers.net) in 36 ms

5103.jasc22.com. 300 IN AAAA 2001:470:d:ee7::2
;; Received 61 bytes from 2001:470:300::2#53(ns3.he.net) in 34 ms

johnpoz

#19
May 04, 2011, 12:35:36 PM
I don't know how to say this any different..

Notice in your trace you hot that record from he.net server

5103.jasc22.com.   300   IN   AAAA   2001:470:d:ee7::2
Received 61 bytes from 2001:470:300::2#53(ns3.he.net) in 34 ms

But if you ask

asc22.com.      172800   IN   NS   ns71.domaincontrol.com.
jasc22.com.      172800   IN   NS   ns72.domaincontrol.com.

You do NOT get a AAAA response -- all server listed as your NS should have ALL records, you really should pull the domaincontrol.com servers out if they are not going to have all the records in them.

Im not currently at a location where I can connect via IPv6 would have to vpn into my home network or wait til get home.. But the box last couple times I have checked was NOT listening on 25 on that address

jasc22

#20
May 04, 2011, 01:32:13 PM
thx johnpoz!!! that worked!! ;D

johnpoz

#21
May 04, 2011, 05:23:08 PM
yeah much better

;; Received 493 bytes from 2001:500:2f::f#53(f.root-servers.net) in 44 ms

jasc22.com.             172800  IN      NS      ns1.he.net.
jasc22.com.             172800  IN      NS      ns2.he.net.
jasc22.com.             172800  IN      NS      ns3.he.net.
jasc22.com.             172800  IN      NS      ns4.he.net.
jasc22.com.             172800  IN      NS      ns5.he.net.
;; Received 321 bytes from 192.12.94.30#53(e.gtld-servers.net) in 128 ms

5103.jasc22.com.        300     IN      AAAA    2001:470:d:ee7::2
;; Received 61 bytes from 216.218.130.2#53(ns1.he.net) in 88 ms

Still not showing your server listening on 25 on ipv6, did you turn it off already?

So I can telnet to the he.net mx server on ipv6

telnet 2001:470:0:76::2 25
Trying 2001:470:0:76::2...
Connected to 2001:470:0:76::2.
Escape character is '^]'.
220 he.net ESMTP Ready

see
http://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-port-scanner.php
Checked port 25 on Host/IP 2001:470:0:76::2...
The checked port (25) is online/reachable!
Completed portscan in 0.162 seconds

But yours just sits there and port shows close on a port scan
Yours fails

Checked port 25 on Host/IP 2001:470:d:ee7::2...
The checked port (25) is offline/unreachable
Reason: Connection timed out (110)
Portscan ran for 9.9877 seconds






jasc22

#22
May 05, 2011, 04:05:46 PM
Hey johnpoz, thx for checking! I got to Sage yesterday and the Administrator was the only test holding me up. The reason why you were unable to telnet was because l shutdown my machine. Great learning experience and appreciate your help!! ;D
Print
Go Up Pages 1 2
User actions