• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

cloudflare rdns problem!!!!

Started by mafiasx, May 12, 2012, 10:17:55 PM


mafiasx

Help, I have passed all the tests and I forgot to make an rdns... the next day I was configuring DNS but I saw for the first time this error "Failed to get AAAA from MX or your DOMAIN"
If I do an nslookup I only see the cloudflare default records and I cannot see the IP of my machine (server)...
I thought that it would be a problem but the process did not get stuck anywhere... except now...
Is it a known error with cloudflare or is it something else...
My domain is mafiasx.com and in this domain is the mail that I gave in the test.... here I have my main site so I can't mess with it..
But I have another domain (so if I have to move to the HE DNS system I can only do it with the other domain... but I don't know how to change the given email..)
Any suggestions... thanks..

kasperd

#1
Quote from: mafiasx on May 12, 2012, 10:17:55 PM
> my domain is  mafiasx.com
The domain has two MX records. Only one of them has a AAAA record. However that should not be a problem. If the test did in fact require you to have a AAAA record for every MX, I'd call that a flaw in the test. The problem may have to do with the 24 hour TTL you have chosen for your records. If you tried the test before your records were complete and got something differently cached, then you'll need to wait 24 hours for the cache to expire before you can proceed with the test.

The host which the AAAA record points to is not reachable. There is a routing loop.

traceroute to 2001:5c0:1400:b::d505 (2001:5c0:1400:b::d505), 30 hops max, 80 byte packets
1  *  *  *
2  *  *  *
3  2001:470:0:69::1  46.914 ms  36.999 ms  40.407 ms
4  2001:7f8::32bd:0:1  157.678 ms  167.201 ms  170.600 ms
5  2001:4de0:1000:3::1  164.367 ms  161.745 ms  171.384 ms
6  2001:4de0:1000:1::2  159.743 ms  168.800 ms  179.265 ms
7  2001:4de0:a::2  187.344 ms  163.260 ms  162.535 ms
8  2001:4de0:1000:a22::2  165.231 ms  167.852 ms  175.034 ms
9  2001:4de0:1000:a22::1  163.876 ms  177.412 ms  162.581 ms
10  2001:4de0:1000:a22::2  165.833 ms  163.759 ms  187.217 ms
11  2001:4de0:1000:a22::1  164.784 ms  161.805 ms  166.037 ms
12  2001:4de0:1000:a22::2  165.124 ms  163.689 ms  169.517 ms
13  2001:4de0:1000:a22::1  164.241 ms  169.924 ms  170.869 ms
14  2001:4de0:1000:a22::2  163.860 ms  165.980 ms  188.885 ms
15  2001:4de0:1000:a22::1  162.157 ms  170.094 ms  161.580 ms
16  2001:4de0:1000:a22::2  168.306 ms  163.366 ms  192.215 ms
17  2001:4de0:1000:a22::1  180.829 ms  167.894 ms  170.287 ms
18  2001:4de0:1000:a22::2  170.909 ms  163.750 ms  187.929 ms
19  2001:4de0:1000:a22::1  164.471 ms  168.708 ms  172.428 ms
20  2001:4de0:1000:a22::2  184.704 ms  165.328 ms  170.639 ms
21  2001:4de0:1000:a22::1  162.985 ms  163.828 ms  164.209 ms
22  2001:4de0:1000:a22::2  187.789 ms  178.859 ms  166.175 ms
23  2001:4de0:1000:a22::1  166.960 ms  163.644 ms  167.326 ms
24  2001:4de0:1000:a22::2  163.791 ms  163.882 ms  169.439 ms
25  2001:4de0:1000:a22::1  164.026 ms  168.925 ms  169.022 ms
26  2001:4de0:1000:a22::2  166.645 ms  184.656 ms  166.171 ms
27  2001:4de0:1000:a22::1  166.099 ms  174.023 ms  166.361 ms
28  2001:4de0:1000:a22::2  172.046 ms  169.221 ms  200.439 ms
29  2001:4de0:1000:a22::1  164.729 ms  163.223 ms  171.979 ms
30  2001:4de0:1000:a22::2  165.533 ms  165.992 ms  173.066 ms

You'll need to fix that as well. Though the error message you got indicates that it never got far enough to notice this. I know the routing loop doesn't appear to be close to the mail server, but I tried to reach that mail server from four different locations and in all four cases I hit the same routing loop. I tested from two different HE tunnel servers, as well as 6to4 from two different ISPs.

And what's up with the subject? There was nothing about RDNS in your post. There is an RDNS problem as well, but you are not using cloudflare for RDNS, you are using gogo6.com. ns1.gogo6.com. returns valid RDNS for your mx, ns2.gogo6.com. returns NXDOMAIN. That sounds like gogo6 has a problem with synchronizing their secondary DNS server. I don't know if the routing loop can be blamed on gogo6 as well. It certainly doesn't give me a good first impression of gogo6. If those problems persist, you should look for another tunnel provider.
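
Added example, not part of kasperd's post: one way to spot the routing loop described above in numeric traceroute output is to look for a router address that answers again at a later TTL after other hops have answered in between. The sample is hops 1-12 of the traceroute in the post; the function names are assumptions of this example.

```python
import ipaddress
import re

# Hops 1-12 of the traceroute output quoted in the post above.
SAMPLE = """\
traceroute to 2001:5c0:1400:b::d505 (2001:5c0:1400:b::d505), 30 hops max, 80 byte packets
1  *  *  *
2  *  *  *
3  2001:470:0:69::1  46.914 ms  36.999 ms  40.407 ms
4  2001:7f8::32bd:0:1  157.678 ms  167.201 ms  170.600 ms
5  2001:4de0:1000:3::1  164.367 ms  161.745 ms  171.384 ms
6  2001:4de0:1000:1::2  159.743 ms  168.800 ms  179.265 ms
7  2001:4de0:a::2  187.344 ms  163.260 ms  162.535 ms
8  2001:4de0:1000:a22::2  165.231 ms  167.852 ms  175.034 ms
9  2001:4de0:1000:a22::1  163.876 ms  177.412 ms  162.581 ms
10  2001:4de0:1000:a22::2  165.833 ms  163.759 ms  187.217 ms
11  2001:4de0:1000:a22::1  164.784 ms  161.805 ms  166.037 ms
12  2001:4de0:1000:a22::2  165.124 ms  163.689 ms  169.517 ms
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(\S+)")  # "<ttl> <first responder or *>"

def parse_hops(text):
    """Return [(ttl, address-or-None)]; assumes numeric (traceroute -n style) output."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # header line, not a hop
        try:
            addr = str(ipaddress.ip_address(m.group(2)))  # normalise the text form
        except ValueError:
            addr = None  # '*' (no reply) or a hostname
        hops.append((int(m.group(1)), addr))
    return hops

def find_loop(hops):
    """Return (ttl where the cycle starts, [addresses in the cycle]) or None."""
    first_seen = {}  # address -> (ttl, index into hops)
    for i, (ttl, addr) in enumerate(hops):
        if addr is None:
            continue
        if addr in first_seen and ttl - first_seen[addr][0] >= 2:
            start_ttl, start_idx = first_seen[addr]
            return start_ttl, [a for _, a in hops[start_idx:i] if a is not None]
        first_seen.setdefault(addr, (ttl, i))
    return None

if __name__ == "__main__":
    print(find_loop(parse_hops(SAMPLE)))
```

On the sample this reports the cycle starting at hop 8 between the two a22:: addresses, which is the pair the packet bounces between until the 30-hop limit.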

mafiasx

I have transferred my DNS to the DNS system
Your results are with the HE DNS system .... I can't understand the error
It is the first time that I have used a tunnel, except the VPN
and I don't have much experience with rdns
So any help will be appreciated

kasperd

I see that forward DNS for your mx is now pointing to an HE tunnel. But the old records with 24h TTL are still cached in some locations, so I will wait until tomorrow before I look much more at it.

The IP was responding on port 25 the first time I tried. But then it started getting flaky, and now I can no longer traceroute to your network.

You don't seem to have RDNS for the new IP yet. The NS records for the IP range point at the HE DNS servers, which reply with NXDOMAIN. I think that is what happens until you start configuring something.

You now have two options. Either you use the HE DNS servers and configure the RDNS records you want through the web interface. I don't know how that works, since I never used that myself. But I should probably look into it. Or you specify your own DNS servers on the tunnel configuration page, which is what I did because I hadn't realized the other option existed.

mafiasx

I now use HE DNS...
I have set up all the records...
and rdns..
but in nslookup I still see the cloudflare NS server, see

and the rdns for my address is OK (mafiasx.com)
Maybe I have to wait ... but 18 hours have passed

kasperd

Quote from: mafiasx on May 13, 2012, 04:36:41 PM
> maybe i have to wait ...but it has past 18 hours
Yes, you may have to wait longer, because you moved to a different DNS provider. The records indicating which DNS provider is responsible for your domain have a 48 hour TTL.

Before you started making changes, your forward DNS was the only thing that worked without problems. There wasn't actually any need to move your forward DNS to HE. You could have used cloudflare for forward DNS and HE for RDNS, and everything would have been just fine. But now that you have moved it, you may as well keep it all in one place.

If you don't want to wait for the 48 hour TTL to expire, you can create records at cloudflare identical to those at HE, then those will be used until the NS records expire.

If I had known which DNS server you were using, I could verify if this 48 hour TTL is really the problem you are facing, but you only listed it as unknown.

mafiasx

The problem was solved....
I sent an email and they saw that it was a conflict with the cloudflare NS and the he.net
In the meantime the gogo6 server was maintained, so the change took up to 24 hours to be verified
Thanks for your help ... I recommend sending mail if you have made all the records OK but you still can't pass the test... thanks HE, thanks kasperd