Google over IPv6

tsarna · April 18, 2009, 01:43:53 PM

There is actually an option for people who run their own caching DNS to use HE's servers selectively. Assuming he.net had two nameservers with v6 addresses FOO and BAR with whatever magic is needed for google IPv6, I think one should be able to use:

zone "google.com" {
type forward;
forward first;

forwarders {
FOO;
BAR;
};
};

in named.conf to get v6-enabled lookups from HE for google, but use one's own cache otherwise.

piojan · April 18, 2009, 01:48:40 PM

I have it done in a similar way.
And btw FOO and BAR do not need to be HE name servers but I am using HE as my main ipv6 link.

tsarna · April 18, 2009, 01:55:15 PM

No, but they need to be someone who will let you do recursion and most people don't allow recursion outside their networks, so I haven't found suitable values of FOO and BAR (BAZ...) yet.

piojan · April 18, 2009, 01:59:03 PM

Haven't searched on the US side of the globe but on the old continent you have a chance to find FOO.
Also a different suggestion: one can have more then one tunnel.

broquea · April 18, 2009, 02:23:26 PM

FYI, after their conference in March, we did a recursor deployment to help solve the latency issues they thought might affect traffic. They've agreed that that requirement has been met.
We're waiting to hear back from them about the white-listing getting approved.

tsarna · April 18, 2009, 02:58:40 PM

Quote from: piojan on April 18, 2009, 01:59:03 PM
Haven't searched on the US side of the globe but on the old continent you have a chance to find FOO.

True, but that would also likely end up returning addresses for Google hosts that serve Europe, which is suboptimal.

Quote
Also a different suggestion: one can have more then one tunnel.

True, but that's starting to sound like an awful lot of effort vs just typing ipv6.google.com (or just using v4!). I think named.conf mods is where I draw the line :)

tsarna · May 16, 2009, 09:30:49 AM

Quote from: broquea on April 18, 2009, 02:23:26 PM
FYI, after their conference in March, we did a recursor deployment to help solve the latency issues they thought might affect traffic. They've agreed that that requirement has been met.
We're waiting to hear back from them about the white-listing getting approved.

Any word back from them?

tsarna · June 02, 2009, 05:35:55 AM

Just received email about this, check your email for message with subject:

Hurricane Electric IPv6 tunnelbroker.net update

Executive summary: "works now".

davygrvy · June 12, 2009, 11:49:01 AM

anyone know the mod for use with dnsmask? This is for my WRT54G router running OpenWRT.

broquea · June 12, 2009, 12:09:52 PM

Quote from: davygrvy on June 12, 2009, 11:49:01 AM
anyone know the mod for use with dnsmask? This is for my WRT54G router running OpenWRT.

Not sure what you mean. Reading their man page it appears that if you have the recursor (v6 or v4) in your /etc/resolv.conf it should be using that:

Code Select

Dnsmasq is a DNS query forwarder: it it not capable of recursively answering arbitrary queries starting
 from the root servers but forwards such queries to a fully recursive upstream DNS server which is typically 
provided by an ISP. By default, dnsmasq reads /etc/resolv.conf to discover the IP addresses of the upstream
 nameservers it should use, since the information is typically stored there. Unless --no-poll is used, dnsmasq
 checks the modification time of /etc/resolv.conf (or equivalent if --resolv-file is used) and re-reads it if it 
changes. This allows the DNS servers to be set dynamically by PPP or DHCP since both protocols provide 
the information. Absence of /etc/resolv.conf is not an error since it may not have been created before a PPP 
connection exists. Dnsmasq simply keeps checking in case /etc/resolv.conf is created at any time.

davygrvy · June 12, 2009, 12:44:58 PM

Doesn't appear to work on the LAN side when I add 'nameserver 74.82.42.42' to /etc/resolv.conf. On the router itself, www.google.com does get a v6:

Code Select

root@OpenWrt:~# nslookup www.google.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.

Name:      www.google.com
Address 1: 2001:4860:b006::68
Address 2: 74.125.19.104 cf-in-f104.google.com
Address 3: 74.125.19.99 cf-in-f99.google.com
Address 4: 74.125.19.147 cf-in-f147.google.com
Address 5: 74.125.19.103 cf-in-f103.google.com

root@OpenWrt:~#

Doesn't appear to be the case on the LAN:

Code Select

davygrvy@bigmoma:~$ nslookup -type=AAAA www.google.com
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
www.google.com	canonical name = www.l.google.com.

Authoritative answers can be found from:

davygrvy@bigmoma:~$

broquea · June 12, 2009, 01:22:37 PM

Ok, so it isn't a recursor, and isn't caching what results it gets, but nor does it provide you an answer. Does it hand out the dns ips via dhcp? maybe make it hand out the recursor that way instead of failing as it is? Not really familiar with this utility, so its all guesswork. I use bind for authoritative and pdns-recursor for my caching.

davygrvy · June 13, 2009, 02:02:29 AM

Found it. This applies to OpenWRT 9.04

1) open /etc/config/dhcp in vim.
2) under the dnsmask section, change the local line with the value '/lan/' to be '/google.com/74.82.42.42'.
3) exit and save
4) restart dnsmask

jgowder · June 19, 2009, 03:33:16 PM

Thank you this works on dd-wrt as well. Also you can use the ipv6 address for the google.com domain.

gplnpsb · June 29, 2009, 11:09:41 AM

Sorry could someone explain how to do this on dd-wrt? I can't find the file in which to change '/lan/' to /google.com/74.82.42.42'. Opening /etc/config/dhcp in vim on my dd-wrt v24-sp1 brings up a blank file.

Thanks

News:

Google over IPv6