Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: reverse delegation not working  (Read 8839 times)

japje

  • Newbie
  • *
  • Posts: 5
reverse delegation not working
« on: August 21, 2008, 04:51:29 AM »

Hey guys,

i set up my tunnel and the ips are working fine :) so now i wanted to reverse them. Together with my collegue ive set up 2 NS (bind9) servers to provide the reverse delegation:

ipv4: 62.93.239.187 / 62.93.239.193
ipv6 2001:470:1f15:3cd::3  /  2001:470:1f15:3cd:216:3eff:fe7a:3991

ive setup an hostname for them:
ns1.ipv6.voor.me : 62.93.239.193  2001:470:1f15:3cd:216:3eff:fe7a:3991
ns2.ipv6.voor.me : 62.93.239.187  2001:470:1f15:3cd::3

from my isp's (xs4all) ipv6 tunnel and via http://www.berkom.blazing.de/tools/ping.cgi i can ping both ip's, and hostnames:
64 bytes from 2001:470:1f15:3cd:216:3eff:fe7a:3991: icmp_seq=1 ttl=58 time=26.1 ms
64 bytes from 2001:470:1f15:3cd::3: icmp_seq=1 ttl=59 time=23.3 ms

So that seems to work fine :)

The zonefile for 1 of the ranges:

Code: [Select]
$TTL 24H
8.0.1.d.0.7.4.0.1.0.0.2.ip6.arpa.       IN      SOA     ns1.tiscomhosting.nl.   hostmaster.tiscomhosting.nl.    (
                2008071936      ;serial
                2H      ;refresh
                1H      ;retry
                1W      ;expire
                4H)     ;minimum TTL

@               IN NS           ns1.ipv6.voor.me.
@               IN NS           ns2.ipv6.voor.me.


$ORIGIN 8.0.1.d.0.7.4.0.1.0.0.2.ip6.arpa.


1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN      PTR     ip1.ipv6.japje.nl.
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN      PTR     ip2.ipv6.japje.nl.
3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN      PTR     ip3.ipv6.japje.nl.
4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN      PTR     ip4.ipv6.japje.nl.
5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN      PTR     ip5.ipv6.japje.nl.



and if i do an lookup directly on the nameservers it works:
Quote
# nslookup 2001:470:d108::1 n1.ipv6.voor.me
Server:      ns1.ipv6.voor.me
Address:   2001:470:1f15:3cd:216:3eff:fe7a:3991#53

1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.1.d.0.7.4.0.1.0.0.2.ip6.arpa   name = ip1.ipv6.japje.nl.


but, if i do just an lookup it doesnt work:
Quote
~# nslookup 2001:470:d108::1
Server:      62.93.239.10
Address:   62.93.239.10#53

** server can't find 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.1.d.0.7.4.0.1.0.0.2.ip6.arpa: NXDOMAIN

So am i missing something? i cant seem to find the solution.
Logged

tufinhas

  • Newbie
  • *
  • Posts: 29
Re: reverse delegation not working
« Reply #1 on: August 21, 2008, 09:53:00 AM »

you need add your dns servers in tunnelbroker page.

or try remove and add it again

Quote
C:\Bind>dig ANY -x 2001:470:d108::1 +trace

; <<>> DiG 9.5.0 <<>> ANY -x 2001:470:d108::1 +trace
;; global options:  printcmd
.                       517820  IN      NS      K.ROOT-SERVERS.NET.
.                       517820  IN      NS      L.ROOT-SERVERS.NET.
.                       517820  IN      NS      M.ROOT-SERVERS.NET.
.                       517820  IN      NS      A.ROOT-SERVERS.NET.
.                       517820  IN      NS      B.ROOT-SERVERS.NET.
.                       517820  IN      NS      C.ROOT-SERVERS.NET.
.                       517820  IN      NS      D.ROOT-SERVERS.NET.
.                       517820  IN      NS      E.ROOT-SERVERS.NET.
.                       517820  IN      NS      F.ROOT-SERVERS.NET.
.                       517820  IN      NS      G.ROOT-SERVERS.NET.
.                       517820  IN      NS      H.ROOT-SERVERS.NET.
.                       517820  IN      NS      I.ROOT-SERVERS.NET.
.                       517820  IN      NS      J.ROOT-SERVERS.NET.
;; Received 500 bytes from 2001:470:912e::cc#53(2001:470:912e::cc) in 46 ms

ip6.arpa.               172800  IN      NS      NS.ICANN.ORG.
ip6.arpa.               172800  IN      NS      SEC1.APNIC.NET.
ip6.arpa.               172800  IN      NS      NS-SEC.RIPE.NET.
ip6.arpa.               172800  IN      NS      NS.LACNIC.NET.
ip6.arpa.               172800  IN      NS      TINNIE.ARIN.NET.
;; Received 220 bytes from 192.5.5.241#53(F.ROOT-SERVERS.NET) in 78 ms

0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN      NS      ns4.he.net.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN      NS      ns5.he.net.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN      NS      ns3.he.net.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN      NS      ns2.he.net.
0.7.4.0.1.0.0.2.ip6.arpa. 10800 IN      NS      ns1.he.net.
;; Received 186 bytes from 200.160.0.7#53(NS.LACNIC.NET) in 328 ms

d.0.7.4.0.1.0.0.2.ip6.arpa. 86400 IN    SOA     ns1.he.net. hostmaster.he.net. 2008082107 10800 1800
 604800 86400
;; Received 153 bytes from 216.66.1.2#53(ns4.he.net) in 171 ms
Logged

japje

  • Newbie
  • *
  • Posts: 5
Re: reverse delegation not working
« Reply #2 on: August 21, 2008, 10:01:29 AM »

you need add your dns servers in tunnelbroker page.

or try remove and add it again

I have done so a few times now allready, but so far no luck.
Logged

avongauss

  • Newbie
  • *
  • Posts: 14
    • Home Page
Re: reverse delegation not working
« Reply #3 on: August 21, 2008, 10:09:29 AM »


If the rDNS servers are entered for the tunnel, then you probably want to go ahead and open up a ticket by sending an e-mail to ipv6@he.net.  From what I can see here, it does not appear the rDNS delegation is in effect.

Code: [Select]
dig 8.0.1.d.0.7.4.0.1.0.0.2.ip6.arpa

; <<>> DiG 9.4.2-P1 <<>> 8.0.1.d.0.7.4.0.1.0.0.2.ip6.arpa
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25624
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;8.0.1.d.0.7.4.0.1.0.0.2.ip6.arpa. IN   A

;; AUTHORITY SECTION:
d.0.7.4.0.1.0.0.2.ip6.arpa. 900 IN      SOA     ns1.he.net. hostmaster.he.net. 2008082107 10800 1800 604800 86400

;; Query time: 61 msec
;; SERVER: 68.87.74.162#53(68.87.74.162)
;; WHEN: Thu Aug 21 13:07:03 2008
;; MSG SIZE  rcvd: 107
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1722
Re: reverse delegation not working
« Reply #4 on: August 21, 2008, 05:39:43 PM »

Appears to be a problem with thinking that .me domains aren't valid. I can't even do command-line whois queries for domains in .me. But I'll poke around and see what's up.
Logged