• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Unable to find AAAA for MX record.

Started by dzmodest, November 03, 2015, 07:58:40 AM

Previous topic - Next topic

dzmodest

And Yeeeah :)
i have reached Sage level
i have just ordered the he t-shirt ^^


jinxjim

I have the same problem, it must be a bug in the test as my domain is pure IPv6 and the registration email (IPv6) I used worked, but it does not work in the test.
whois:
% The WHOIS service offered by EURid and the access to the records
% in the EURid WHOIS database are provided for information purposes
% only. It allows persons to check whether a specific domain name
% is still available or not and to obtain information related to
% the registration records of existing domain names.
%
% EURid cannot, under any circumstances, be held liable in case the
% stored information would prove to be wrong, incomplete or not
% accurate in any sense.
%
% By submitting a query you agree not to use the information made
% available to:
%
% - allow, enable or otherwise support the transmission of unsolicited,
%   commercial advertising or other solicitations whether via email or
%   otherwise;
% - target advertising in any possible way;
%
% - to cause nuisance in any possible way to the registrants by sending
%   (whether by automated, electronic processes capable of enabling
%   high volumes or other possible means) messages to them.
%
% Without prejudice to the above, it is explicitly forbidden to extract,
% copy and/or use or re-utilise in any form and by any means
% (electronically or not) the whole or a quantitatively or qualitatively
% substantial part of the contents of the WHOIS database without prior
% and explicit permission by EURid, nor in any attempt hereof, to apply
% automated, electronic processes to EURid (or its systems).
%
% You agree that any reproduction and/or transmission of data for
% commercial purposes will always be considered as the extraction of a
% substantial part of the content of the WHOIS database.
%
% By submitting the query you agree to abide by this policy and accept
% that EURid can take measures to limit the use of its WHOIS services
% in order to protect the privacy of its registrants or the integrity
% of the database.
%
% The EURid WHOIS service on port 43 (textual whois) never
% discloses any information concerning the registrant.
% Registrant and onsite contact information can be obtained through use of the
% webbased whois service available from the EURid website www.eurid.eu
%
% WHOIS saitan.eu
Domain: saitan.eu

Registrant:
        NOT DISCLOSED!
        Visit www.eurid.eu for webbased whois.

Technical:
        Name: Pascal Bouchareine
        Organisation: Gandi SAS
        Language: fr
        Phone: +33.170377661
        Fax: +33.143731851
        Email: eu-tech@gandi.net

Registrar:
        Name: GANDI
        Website: www.gandi.net

Name servers:
        zero.saitan.eu (2a01:348:1e5:cafe::53)
        uno.saitan.eu (2a01:348:1e5:cafe::153)

Keys:
        flags:KSK protocol:3 algorithm:RSA_SHA256 pubKey:AwEAAdRlayq6s8gRa0tIL8DqS+w+r0OB/pWaPpWVCRSrDnry7syEd0rHRvogd+XEjLV2decyKC8c/UUpl8M9DIv6Arzm7oW+8DIM4hElhVfYZTL/FLXzpeDP3r9VCOReshuv7f5Qby0Sc2eb3xte2ij+J3XJQWtsdMe4QTDjEx+DRhYrBzdKGZgaBT/elr4ivOjlpCzab2zXyVdLR1lM7qt5wQBoaMydhQdYhzB8m2kfjt4OEgo0bAfr0DYPDM4XpmU+EjhjfiSa3q56Fe2wjQYvabZ7ZMCak7+a11nSPU9iY6etFaDh3vPHNm70aOoGEnsl5OSGEv24BZ10ZNDnqwQetBM=

Please visit www.eurid.eu for more info.


dig mx saitan.eu:
; <<>> DiG 9.9.5-12.1-Debian <<>> mx saitan.eu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28217
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;saitan.eu. IN MX

;; ANSWER SECTION:
saitan.eu. 20310 IN MX 10 mail.saitan.eu.

;; Query time: 43 msec
;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888)
;; WHEN: Tue Mar 01 00:03:21 GMT 2016
;; MSG SIZE  rcvd: 59



dig aaaa mail.saitan.eu
; <<>> DiG 9.9.5-12.1-Debian <<>> @2001:4860:4860::8888 aaaa mail.saitan.eu
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39551
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;mail.saitan.eu. IN AAAA

;; ANSWER SECTION:
mail.saitan.eu. 18824 IN AAAA 2a01:348:1e5:cafe::25

;; Query time: 65 msec
;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888)
;; WHEN: Tue Mar 01 00:06:39 GMT 2016
;; MSG SIZE  rcvd: 71



I makes no sense, as above, the email used for registration could only be sent as IPv6 there is no IPv4 in the saitan.eu domain. Google DNS says it is OK

dzmodest

Quote from: jinxjim on February 29, 2016, 04:10:25 PM
I have the same problem, it must be a bug in the test as my domain is pure IPv6 and the registration email (IPv6) I used worked, but it does not work in the test.
whois:
% The WHOIS service offered by EURid and the access to the records
% in the EURid WHOIS database are provided for information purposes
% only. It allows persons to check whether a specific domain name
% is still available or not and to obtain information related to
% the registration records of existing domain names.
%
% EURid cannot, under any circumstances, be held liable in case the
% stored information would prove to be wrong, incomplete or not
% accurate in any sense.
%
% By submitting a query you agree not to use the information made
% available to:
%
% - allow, enable or otherwise support the transmission of unsolicited,
%   commercial advertising or other solicitations whether via email or
%   otherwise;
% - target advertising in any possible way;
%
% - to cause nuisance in any possible way to the registrants by sending
%   (whether by automated, electronic processes capable of enabling
%   high volumes or other possible means) messages to them.
%
% Without prejudice to the above, it is explicitly forbidden to extract,
% copy and/or use or re-utilise in any form and by any means
% (electronically or not) the whole or a quantitatively or qualitatively
% substantial part of the contents of the WHOIS database without prior
% and explicit permission by EURid, nor in any attempt hereof, to apply
% automated, electronic processes to EURid (or its systems).
%
% You agree that any reproduction and/or transmission of data for
% commercial purposes will always be considered as the extraction of a
% substantial part of the content of the WHOIS database.
%
% By submitting the query you agree to abide by this policy and accept
% that EURid can take measures to limit the use of its WHOIS services
% in order to protect the privacy of its registrants or the integrity
% of the database.
%
% The EURid WHOIS service on port 43 (textual whois) never
% discloses any information concerning the registrant.
% Registrant and onsite contact information can be obtained through use of the
% webbased whois service available from the EURid website www.eurid.eu
%
% WHOIS saitan.eu
Domain: saitan.eu

Registrant:
        NOT DISCLOSED!
        Visit www.eurid.eu for webbased whois.

Technical:
        Name: Pascal Bouchareine
        Organisation: Gandi SAS
        Language: fr
        Phone: +33.170377661
        Fax: +33.143731851
        Email: eu-tech@gandi.net

Registrar:
        Name: GANDI
        Website: www.gandi.net

Name servers:
        zero.saitan.eu (2a01:348:1e5:cafe::53)
        uno.saitan.eu (2a01:348:1e5:cafe::153)

Keys:
        flags:KSK protocol:3 algorithm:RSA_SHA256 pubKey:AwEAAdRlayq6s8gRa0tIL8DqS+w+r0OB/pWaPpWVCRSrDnry7syEd0rHRvogd+XEjLV2decyKC8c/UUpl8M9DIv6Arzm7oW+8DIM4hElhVfYZTL/FLXzpeDP3r9VCOReshuv7f5Qby0Sc2eb3xte2ij+J3XJQWtsdMe4QTDjEx+DRhYrBzdKGZgaBT/elr4ivOjlpCzab2zXyVdLR1lM7qt5wQBoaMydhQdYhzB8m2kfjt4OEgo0bAfr0DYPDM4XpmU+EjhjfiSa3q56Fe2wjQYvabZ7ZMCak7+a11nSPU9iY6etFaDh3vPHNm70aOoGEnsl5OSGEv24BZ10ZNDnqwQetBM=

Please visit www.eurid.eu for more info.


dig mx saitan.eu:
; <<>> DiG 9.9.5-12.1-Debian <<>> mx saitan.eu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28217
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;saitan.eu. IN MX

;; ANSWER SECTION:
saitan.eu. 20310 IN MX 10 mail.saitan.eu.

;; Query time: 43 msec
;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888)
;; WHEN: Tue Mar 01 00:03:21 GMT 2016
;; MSG SIZE  rcvd: 59



dig aaaa mail.saitan.eu
; <<>> DiG 9.9.5-12.1-Debian <<>> @2001:4860:4860::8888 aaaa mail.saitan.eu
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39551
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;mail.saitan.eu. IN AAAA

;; ANSWER SECTION:
mail.saitan.eu. 18824 IN AAAA 2a01:348:1e5:cafe::25

;; Query time: 65 msec
;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888)
;; WHEN: Tue Mar 01 00:06:39 GMT 2016
;; MSG SIZE  rcvd: 71



I makes no sense, as above, the email used for registration could only be sent as IPv6 there is no IPv4 in the saitan.eu domain. Google DNS says it is OK

Contact the support they will solve the problem (DNS / Cache Problem)
Good Luck :)

jinxjim

#18
I have ticket HE#3066535 being handles by a Senior Network Engineer, who insists that they are trying:

dig saitan.eu mx @2a01:348:1e5:cafe::0:53
dig saitan.eu mx @2a01:348:1e5:cafe::1:53
dig saitan.eu mx @2a01:348:1e5:cafe::2:53

But they are getting connection timed out, however,  here:

https://network-tools.webwiz.co.uk/dns-report.htm?domain=saitan%2Eeu&mail=true&IPv6=true

Says everything is OK

Still stuck at Enthusiast level  :o

cholzhauer


$ telnet 2a01:348:1e5:cafe::2 25
Trying 2a01:348:1e5:cafe::2...
telnet: connect to address 2a01:348:1e5:cafe::2: Connection refused
telnet: Unable to connect to remote host

jinxjim

Try

telnet 2a01:348:1e5:cafe::25  25
telnet 2a01:348:1e5:cafe::2:25  25

cholzhauer


$ telnet 2a01:348:1e5:cafe::2:25  25
Trying 2a01:348:1e5:cafe::2:25...
telnet: connect to address 2a01:348:1e5:cafe::2:25: Connection refused
telnet: Unable to connect to remote host
$ telnet 2a01:348:1e5:cafe::25  25
Trying 2a01:348:1e5:cafe::25...
telnet: connect to address 2a01:348:1e5:cafe::25: Connection refused
telnet: Unable to connect to remote host


HE is correct.

jinxjim

This  network-tools.webwiz.co.uk is connecting OK see the report:

https://network-tools.webwiz.co.uk/dns-report.htm?domain=saitan%2Eeu&mail=true&IPv6=true

Can you send me the traceroute 2a01:348:1e5:cafe::25

I am not getting any logging that you have attempted to pass my gateway

Edit:

If possible could you please send me an email to admin (at) saitan.eu ?

Thanks

cholzhauer


$ traceroute6 2a01:348:1e5:cafe::25
traceroute6 to 2a01:348:1e5:cafe::25 (2a01:348:1e5:cafe::25) from 2001:470:c27d:                                                             18::11, 64 hops max, 12 byte packets
1  ipv6router.sscorp.com  1.014 ms  0.729 ms  0.713 ms
2  servicespring-1.tunnel.tserv9.chi1.ipv6.he.net  33.313 ms  27.833 ms  27.725                                                              ms
3  ge3-4.core1.chi1.he.net  23.892 ms  27.881 ms  24.920 ms
4  100ge5-2.core1.nyc4.he.net  45.579 ms  40.182 ms  46.639 ms
5  10ge4-1.core1.nyc5.he.net  46.868 ms  43.634 ms  46.803 ms
6  2001:504:17:115::227  40.335 ms  63.033 ms  41.015 ms
7  ge-1-1-11-0.edge00.thn.uk.hso-group.net  122.601 ms  114.687 ms  114.157 ms
8  xe-8-3.core00.thn.uk.hso-group.net  122.647 ms  112.839 ms  118.600 ms
9  xe-4-1.core00.thw.uk.hso-group.net  130.524 ms  121.278 ms  157.215 ms
10  gblon02.sixxs.net  117.406 ms  112.898 ms  112.826 ms
11  gw-547.lon-02.gb.sixxs.net  114.533 ms  119.657 ms  115.030 ms


Stops there

Why not use HE for a tunnel?

jinxjim

#24
Thanks!!

I will open a ticket with Sixxs

HE does not support AYIYA and I don't have a connection with fixed IP. Actually, my ISP may sometimes changes my IP several times during the day.

Edit:
SIXXS looked at your traceroute and said  that the problem must be with my firewall, but I am puzzled of why
https://network-tools.webwiz.co.uk/dns-report.htm?domain=saitan%2Eeu&mail=true&IPv6=true
works OK and IPv6 enabled mail clients (like mail.google.com) sends me email OK, so they must be finding my AAAA MX record somehow.

I managed to do a tcpdump of my side of the tunnel and I can see my DNS is replying OK to the webpage. The dump is here: https://goo.gl/7SpxW9.

I can traceroute ICMP UDP and TCP from my DNS server to HE web page with no problem:


traceroute to 2001:470:0:9d::2 (2001:470:0:9d::2), 30 hops max, 80 byte packets
1  banana.saitan.eu (2a01:348:1e5:cafe::feed)  80.464 ms  87.302 ms  95.809 ms
2  gw-547.lon-02.gb.sixxs.net (2a01:348:6:222::1)  99.247 ms  116.230 ms  116.768 ms
3  gblon02.sixxs.net (2a01:348:0:4:0:3:1:1)  117.282 ms  119.235 ms  119.779 ms
4  ge-0-0-5-20.cs0.thw.uk.goscomb.net (2a01:348:0:4:0:3:0:1)  127.777 ms  138.860 ms  139.397 ms
5  xe-3-1.core00.the.uk.hso-group.net (2a01:348::65:0:1)  124.263 ms  124.768 ms  125.279 ms
6  ae-1.core00.thn.uk.hso-group.net (2a01:348::80:0:1)  123.466 ms  59.223 ms  85.267 ms
7  lonap.he.net (2001:7f8:17::1b1b:1)  81.096 ms  52.957 ms  53.756 ms
8  10ge2-9.core1.lon2.he.net (2001:470:0:2cd::1)  54.564 ms  89.299 ms  89.829 ms
9  100ge1-1.core1.nyc4.he.net (2001:470:0:2cf::2)  177.776 ms  195.676 ms  196.277 ms
10  100ge7-2.core1.chi1.he.net (2001:470:0:298::1)  196.847 ms  197.382 ms  232.448 ms
11  10ge15-2.core1.den1.he.net (2001:470:0:1af::2)  233.434 ms  180.107 ms  180.899 ms
12  10ge13-1.core1.lax2.he.net (2001:470:0:15d::2)  207.686 ms  183.257 ms  184.042 ms
13  100ge2-1.core1.lax1.he.net (2001:470:0:72::1)  190.225 ms  186.823 ms  199.987 ms
14  tserv1.lax1.he.net (2001:470:0:9d::2)  191.634 ms  183.053 ms  186.570 ms



::)


jinxjim

I had  a firewall rule that blocked UDP traceroute from the outside, as soon as I fixed it is now working.

Dunno what traceroute has to do with finding AAAA for MX record, but anyway I am no longer stuck at enthusiast level

kriteknetworks

existence of a dns record doesn't mean connectivity.....