• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Hosting .no domain on dns.he.net - Deadlock

Started by hildenae, February 20, 2015, 07:07:17 AM

Previous topic - Next topic

hildenae

I added hild1.no to my active domains at dns.he.net yesterday. The he.net DNS servers are still not aswering authoratively for the domain, per:


dig A hild1.no @ns2.he.net
; <<>> DiG 9.9.5-4.3ubuntu0.2-Ubuntu <<>> A hild1.no @ns2.he.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22328
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2800
;; QUESTION SECTION:
;hild1.no.                      IN      A

;; Query time: 47 msec
;; SERVER: 216.218.131.2#53(216.218.131.2)
;; WHEN: Fri Feb 20 15:44:22 CET 2015
;; MSG SIZE  rcvd: 37


If i read the following error message correctly, this is because you require the domain to delegate to he.net nameservers before they will start answering authoratively.


Managing zone: hild1.no
ERROR: Delegation was not found. Please delegate to ns1, ns2, ns3, ns4 and ns5.he.net then retry.
We found theo.ns.cloudflare.com, abby.ns.cloudflare.com during our search.
This zone does not appear to be properly delegated to our nameservers. If you have corrected this issue,
please click the 'Check Delegation' tab below to have the zone rechecked. Keep in mind that once the
change has been made to refect our nameservers in your whois record, it may take up to 24 hours for
the actual delegation to take place.


However: NORID (The registry for Norwegian (.no) domain names) requires that nameservers answer authoritatively for a domain before they can be delegated to. It is not clearly stated on https://www.norid.no/regelverk/vedlegg-f.en.html, but to quote my registrar:

.no Domain name servers must be set up to answer authoritatively before a nameserver change can be performed.
Not all foreign ISPs are aware of this. Please contact those who operate name servers attempting to use, and ask them
to create a correct zone file (zone file) for hild1.no all nameservers.


I'm in kind of a deadlock.  ???

vobelic

Just add a new domain on dns.he.net regardless of the registrar and check with 'dig SOA hild1.no @ns2.he.net' that it's correctly added.
Afterwards set the NS definitions at your registrar to ns1.he.net, ns2.he.net etc.

hildenae

I added hild1.no to dns.he.net about a month ago, and it has been there since, including a autogenerated SOA record. However, 'dig SOA hild1.no @ns[12345].he.net' still does not return the SOA record.

LC_ALL=c date; dig SOA hild1.no @ns2.he.net
Tue Mar 24 16:47:08 CET 2015

; <<>> DiG 9.9.5-4.3ubuntu0.2-Ubuntu <<>> SOA hild1.no @ns2.he.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20908
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2800
;; QUESTION SECTION:
;hild1.no. IN SOA

;; Query time: 49 msec
;; SERVER: 2001:470:200::2#53(2001:470:200::2)
;; WHEN: Tue Mar 24 16:47:08 CET 2015
;; MSG SIZE  rcvd: 37

mtcinfomedia

Hi,

what was the solution?
I´m in the same situation.

Regards
Matt

hildenae

I contacted support@he.net - they supplied me with a spesific TXT record and key that allowed the transfer to go trough, even do i had not yet changed my nameservers with NORID. The transfer was a success, and hild1.no is now served via ns*.he.net.

mbence

Just for the record, the same happened to me and my .GQ domain while delegating it from FreeNom to HE.

(In the end I got a friend helping me out with a temporary authoritative primary nameserver.)

tjeske

I have the same problem with eu.org domain. How was your friend able to help you out?

divad27182

One possible solution to the deadlock:

  • setup your own temporary DNS server for the domain in question.  Make sure it lists the he.net DNS servers. (It will only need to be there for a few minutes.)
  • create a slave zone pointing to your DNS server.
  • convert the slave zone to a master.
  • get rid if the temporary DNS server.
At this point, the DNS zone exists, even without being delegated to.   :-)

I think there was a note about writing to one of the support addresses (dnsadmin@he.net or ipv6@he.net) as an alternative.

--David

neutronscott

Quote from: divad27182 on July 29, 2017, 07:24:36 AM
One possible solution to the deadlock:

  • setup your own temporary DNS server for the domain in question.  Make sure it lists the he.net DNS servers. (It will only need to be there for a few minutes.)
  • create a slave zone pointing to your DNS server.
  • convert the slave zone to a master.
  • get rid if the temporary DNS server.
At this point, the DNS zone exists, even without being delegated to.   :-)

I think there was a note about writing to one of the support addresses (dnsadmin@he.net or ipv6@he.net) as an alternative.

--David

I know I'm digging up old threads but this seems to be about the only one on the subject. I tried this method. dns.he.net even checks that the slave is delegated to them, and it's the same issue. I cannot add them to RIPE as rDNS. Awaiting dnsadmin@he.net to fix me up with something...