• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

v6ns.org - IPv6 glue workaround

Started by tcuji, September 11, 2008, 02:33:47 PM

Previous topic - Next topic

tcuji

I've setup v6ns.org, a service allowing one to create A and AAAA records and host it on IPv6-enabled nameservers. The intended usage is to create such records for your nameservers, then point your domain(s) to those records.

This is useful when you have a domain with a registrar that does not support IPv6 glue. There are also numerous registries that have some servers (usually managed by external organizations - ISC, RIPE and nic.fr are common ones) with IPv6 connectivity, but don't support AAAA glue.

The v6ns.org zone is currently hosted on 4 geographically distributed nameservers (London, London, Germany and St Louis), 3 of them with IPv6 connectivity.

snarked

PIR says that IPv6 for the .org TLD is still under test, so how did you get the IPv6 glue in there?

tcuji

Did they actually say that, rather than merely not having posted any updates since http://blog.pir.org/?p=19? I just asked my registrar (Inwx) to add it, which they did; presumably via a standard registrar->registry interface.

Quote from: PIR.ORG just reached another milestone in its campaign to foster a more robust and secure Internet. Beginning today, July 31, the Internet addressing system known as IPv6 will be deployed for testing, and will shortly be available for full use by registrars.

IMO, ~42 days is more than "shortly".

What are they testing, anyway? The code change should be extremely trivial; of course, some tests should be done, but there's so little to be tested (both in code and number of things to test) that it should be brief.

I'm going to contact PIR about this.

snarked

It's merely that they haven't posted anything since stating they were testing.  Something important like this would likely have generated a separate blog entry at PIR.  In any event, I've complained to my registrar for NOT supporting IPv6 for .org when it appears that they do (and my registrar does support IPv6 for other TLDs).

snarked

OK - my registrar turned on IPv6 glue for .ORG today.

jeffw

For my own .org domain I used the nameservers from one of my .com domains.  These nameservers have IPv6 glue, so all is well.

Quote;; QUESTION SECTION:
;example.org.                     IN      ANY

;; ANSWER SECTION:
example.org.              600     IN      SOA     example.com. root.example.com. 2008062101 10800 900 604800 86400
example.org.              600     IN      NS      ns1.example.com.
example.org.              600     IN      NS      ns2.example.com.

example.org.              600     IN      A       0.0.0.0
example.org.              600     IN      MX      10 mail.example.com.
example.org.              600     IN      AAAA    ::

;; ADDITIONAL SECTION:
ns1.example.com.        600     IN      A       0.0.0.0
ns1.example.com.        600     IN      AAAA    ::
ns2.example.com.        600     IN      A       0.0.0.0
ns2.example.com.        600     IN      AAAA    ::

mail.example.com.       600     IN      A       0.0.0.0
mail.example.com.       600     IN      AAAA    ::
Jeff Walter

snarked

That's not glue - as it's out of zone.  Example.com and example.org are disjoint.

jrowens

nic.v6ns.org doesn't seem to be working correctly at the moment, I think, or else I'm using it wrong.  After entering 'x' in the subdomain, and 'y' as records with A and AAAA records, I should get the relevant records back when I do 'dig ANY y.x.v6ns.org. @ns0.nic.v6ns.org.', right?  I've done that, and I'm not getting any results back.  Perhaps the server needs some attention over the holidays?

tcuji

It's working now, and has been for a few days. I'm unsure what happened, but my logs show that nsdc rebuild failed - I suspect a stale lock file. I'm monitoring the situation and periodically testing v6ns.org; I don't anticipate further problems, but since I still don't know what caused it, I can't be sure whether there will be any.

tsarna

How long should I expect it to take between submitting the form and being able to dig the new entries?

Thanks

leenoux

#10
i've just create aaaa pointer in v6ns.org, pointing to my to ipv6 enabled nameservers.i can ping both nameserver ns(1|2).*.v6ns.org from outside.
so, do i just have to add those nameservers to my "don't support ipv6 glue record" registrar  ;D ?

thank you.  :)

Quote from: tcuji on September 11, 2008, 02:33:47 PM
I've setup v6ns.org, a service allowing one to create A and AAAA records and host it on IPv6-enabled nameservers. The intended usage is to create such records for your nameservers, then point your domain(s) to those records.

This is useful when you have a domain with a registrar that does not support IPv6 glue. There are also numerous registries that have some servers (usually managed by external organizations - ISC, RIPE and nic.fr are common ones) with IPv6 connectivity, but don't support AAAA glue.

The v6ns.org zone is currently hosted on 4 geographically distributed nameservers (London, London, Germany and St Louis), 3 of them with IPv6 connectivity.

chaz6

#11
Unfortunately not all registrars will let you assign glue records for your domain unless the glue is actually registered directly with the registry. I did initially try to use records in v6ns.org for my domain (chaz6.com), but I was not able to,. In the end I had to ask Ardya to register glue records for me with his own registrar.

I was however able to use v6ns.org records for domains in ip6.arpa delegated from SixXS.

Following is the response I received from Gandi on the subject of registering out-of-bailiwick glue, copied verbatim:-

The reason why the registry is not accepting your DNS is because the registry PIR does not have your
glue records registered:

   dig @TLD3.ULTRADNS.org.ns2.chaz6.v6ns.org A
   dig: couldn't get address for 'TLD3.ULTRADNS.org.ns2.chaz6.v6ns.org': not found

You will therefore first need to assure that you have administratively declared your host at the
registry level, and then, once it has glue records, you will be able to apply it to your domain name
as desired.


(Yes, they made a mistake by substituting a period for a space, though the outcome would have been the same in any case. Yes their system is flawed because it requires at least an A record in addition to AAAA. Maybe someday they will fix it.)

leenoux

#12
why did you use v6ns.org when your registrar is suporting for ipv6 glue directly?
isn't it more simple just build your own nameserver, then register it at gandi plus ipv6 glue record?(using vmware, if don't want provide additional hardware)
if i'm not mistaken what tcuji meant.he build v6ns.org to provide unsupported ipv6 glue record at registrar.v6ns.org just pointing AAAA record to our own nameserver(which is using ipv6 pointed by v6ns.org AAAA record).then we just add ns(1|2).*.v6ns.org to authoritative nameservers list at "unsupported ipv6 glue record" registrar. cmiiw

now the question is, is it realy work for the sage certification test? are these out-of-ballywick things need to supply ipv6 glue record at "unsupported ipv6 glue record" registrar?i'm confused  ;D , this is realy chickens-and-eggs things for me.

would someone kindly give enlightenment to us  :)

TIA

note: it doesn't work sage test still need glue record for ns(1|2).*.v6ns.org.  at TLD .

Quote from: chaz6 on July 26, 2009, 06:16:52 PM
Unfortunately not all registrars will let you assign glue records for your domain unless the glue is actually registered directly with the registry. I did initially try to use records in v6ns.org for my domain (chaz6.com), but I was not able to,. In the end I had to ask Ardya to register glue records for me with his own registrar.

I was however able to use v6ns.org records for domains in ip6.arpa delegated from SixXS.

Following is the response I received from Gandi on the subject of registering out-of-bailiwick glue, copied verbatim:-

The reason why the registry is not accepting your DNS is because the registry PIR does not have your
glue records registered:

   dig @TLD3.ULTRADNS.org.ns2.chaz6.v6ns.org A
   dig: couldn't get address for 'TLD3.ULTRADNS.org.ns2.chaz6.v6ns.org': not found

You will therefore first need to assure that you have administratively declared your host at the
registry level, and then, once it has glue records, you will be able to apply it to your domain name
as desired.


(Yes, they made a mistake by substituting a period for a space, though the outcome would have been the same in any case. Yes their system is flawed because it requires at least an A record in addition to AAAA. Maybe someday they will fix it.)


leenoux

#13
yayyy, i've finnaly remember that i have unused domain at gkg.net, added ipv6 AAAA glue on this domain,make this domain as authoritative nameserver for my domain, run the sage test, and voila, test is passed  ;).

thank you everyone.  :) especially Alex Broque for pointing me to the right direction.

these all fun and educating people  :)

chaz6

Quote from: leenoux on July 26, 2009, 07:14:42 PM
why did you use v6ns.org when your registrar is suporting for ipv6 glue directly?

Because it does not support ipv6 glue  ;) I tried and tried and tried, went several rounds with their support but in the end got nowhere.