• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

broken ipv6 dns implementation?

Started by matth1187, March 08, 2012, 10:26:51 AM


matth1187

I would like the input of others regarding a setup I have. It seems to have been working fine for almost a year; now, well, it seems broken!

Noob alert.

On some machines I use the Google DNS server 8.8.8.8, and now all of a sudden my domain name seems to not resolve.
I would get anything from no domain found to answers with no IP; some answers would have the domain name twice (i.e., ipv6.domain.com.domain.com).

To get to the point, do my IPv6 NS need to have IPv4 host records and vice versa?

The story: I have a few IPv4 name servers for my domain, one I host from my company's ISP (master), 2 others at ZoneEdit (slaves).
I have a tunnel set up to my home and have a machine running BIND (IPv6 only), master.
I have added IPv6 glue at my registrar pointing to the BIND I run at home through the tunnel.
The IPv4 NS only have IPv4 data (host records), and the IPv6 NS (BIND) only has IPv6 data (host records) <--- is this my problem?

I'm a little uncertain of how the process works with IPv6 in the mix.
A client has a DNS query for my domain (via IPv4). When the query gets down to my domain and lists the NS, I assume it will list both IPv4 and IPv6 addresses based on whatever my registrar has. From this point, what happens?
Does the query go to the IPv6 NS first and, if it times out, go to IPv4? Does it somehow know to give out the IPv6 address when talking v6 and v4 when talking v4? After thinking about this I was more confused, but also thought maybe my IPv6 NS should have v4 records and my IPv4 NS should also have v6 records. Is that the optimal way, and what is causing my problem?

Is there an article or flow chart that depicts how DNS queries are resolved when IPv6 is in the mix, whether from an IPv6 host or v4, and how it handles the query recursion via IPv4 or 6?

Thanks everyone, I hope it is not as confusing as I make it to be.....


cholzhauer

I'm pretty confused.

What domain are we talking about?

broquea

#2
I'm assuming he meant mchnet.com (from his profile data). Use dig +trace if you want to see the path when queries are processed. However, only having 1 name server host AAAA and the rest only hosting A, kind of a FAIL moment. The zone files should be the same on all name servers.

matth1187

#3
Thank you for your reply,

mchnet.com, I should have stated that instead of some example.

And thank you for confirming that I should keep the data consistent on the NS (both IPv4 and v6 records).

(I'm new to dig) I was doing >dig @8.8.8.8 mail.mchnet.com +trace, which always returns a v4 address, which means it was contacting the IPv4 NS (which only has v4 records).
I also tried dig @8.8.8.8 mail.mchnet.com AAAA and don't get any answer back.
Can the @ part of dig be any DNS server or only the authoritative?

Thanks for the help, im learning.


I believe those strange answers I received, such as mail.mchnet.com.mchet.com, were due to using nslookup; dig never showed that. Still doesn't explain the answer I got with no address. From now on I will use dig.

Do you know of any good reads that talk about DNS with IPv4/6?

Thank you all
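
An added example, not part of the original thread: a small shell wrapper around dig that asks each authoritative server directly (+norecurse) for the A and AAAA records of one name and flags any server whose answer differs from the first, which is the inconsistency discussed above. The script name and the example.com names in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example: compare the A and AAAA answers each authoritative name
# server gives for one host name. Server and host names are arguments;
# the names in the usage line are placeholders, not taken from the thread.

# answers_from SERVER NAME TYPE -> sorted record data, one per line.
# +norecurse asks the server for the data it holds itself instead of
# asking it to resolve the name on our behalf.
answers_from() {
    dig +norecurse +short +time=3 +tries=1 "@$1" "$2" "$3" 2>/dev/null | sort
}

# ns_consistency NAME SERVER [SERVER...]
# Prints one line per record type and server. Returns 1 if any server's
# answer differs from the first server's answer for the same type.
ns_consistency() {
    name=$1; shift
    rc=0
    for type in A AAAA; do
        ref=""; first=1
        for server in "$@"; do
            got=$(answers_from "$server" "$name" "$type" | tr '\n' ' ')
            printf '%-5s %-24s %s\n' "$type" "$server" "${got:-<no data>}"
            if [ "$first" -eq 1 ]; then
                ref=$got; first=0
            elif [ "$got" != "$ref" ]; then
                # $1 is the first server in the list (the reference).
                printf '  MISMATCH: %s differs from %s for %s %s\n' \
                    "$server" "$1" "$name" "$type"
                rc=1
            fi
        done
    done
    return "$rc"
}

# Usage: sh nscheck.sh mail.example.com ns1.example.com ns2.example.com
if [ "$#" -ge 2 ]; then
    ns_consistency "$@"
fi
```

A server reached only over IPv6 still has to serve the A records, and the IPv4-only servers the AAAA records; a "<no data>" line next to a populated one is the split-zone condition from the thread.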