• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

rDNS + afraid.org problem

Started by InToSSH1, February 24, 2009, 03:14:29 PM

Previous topic - Next topic


Hello.. im still a bit confused by this whole thing. I know how rDNS works but cant get it to work here. i hope i understand it in this way. ive already spent 3days setting that so i wud really appreciate some help.
Client IPv6 address:   2001:470:1f0a:1408::2/64
Routed /64:   2001:470:1f0b:1408::/64

              RDNS Delegation NS1:   ns1.afraid.org
   RDNS Delegation NS2:   ns2.afraid.org
   RDNS Delegation NS3:   ns3.afraid.org

My router has sit1 configuration for both subnets.
Somewhere on this forum i read i need the Routed /64 for delegation.
Well i have a domain intossh.net

ipv6.intossh.net AAAA 2001:470:1f0a:1408::2
www.intossh.net CNAME intossh.net
intossh.net AAAA 2001:470:1f0b:1408::2
ipv4.intossh.net A
intossh.net MX mail6.intossh.net 10
mail6.intossh.net AAAA 2001:470:1f0b:1408::2
^ this is from domain registrator's website so dont look how its written..its not a zone file.

and i ve a Reverse DNS on afraid.org

2001:0470:1f0b:1408:0000:0000:0000:0002 intossh.net

dig returns this

dig -x 2001:470:1f0b:1408::2 @ns1.afraid.org

; <<>> DiG 9.5.0-P2 <<>> -x 2001:470:1f0b:1408::2 @ns1.afraid.org
;; global options:  printcmd                                     
;; Got answer:                                                   
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64197       
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; WARNING: recursion requested but not available                   


;; ANSWER SECTION: 60 IN PTR intossh.net.

;; AUTHORITY SECTION: 60 IN NS ns1.afraid.org. 60 IN NS ns2.afraid.org. 60 IN NS ns3.afraid.org. 60 IN NS ns4.afraid.org.

On that router/server is postfix server.. And i just dont know what is wrong.. It keeps telling me "Your MX does not appear to have working RDNS".
Maybe this is stupid question and i dont understand it right..


Maybe this:
$ host
Host not found: 3(NXDOMAIN)

$ host 2001:470:1f0a:1408::2
Host not found: 3(NXDOMAIN)


hmm this shud work also?
this works:

jerry@InToSSH-linux:~> host 2001:470:1f0b:1408::2 domain name pointer intossh.net.

i thot that another IPs are not needed to be in reverse


$ dig -x 2001:470:1f0a:1408::2 @ns1.he.net

; <<>> DiG 9.6.0b1 <<>> -x 2001:470:1f0a:1408::2 @ns1.he.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47746
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available


a.0.f. 86400 IN SOA  ns1.he.net. hostmaster.he.net. 2009022437 10800 1800 604800 86400

;; Query time: 228 msec
;; WHEN: Wed Feb 25 00:37:36 2009
;; MSG SIZE  rcvd: 153

this could go to ipv6@he.net if it's like this for a long time. The p2p link has automatic naming.

Your real ipv4 that a harder thing.
You are not able to do anything apart form asking your ISP.

$ dig +trace -x

; <<>> DiG 9.6.0b1 <<>> +trace -x
;; global options: +cmd
.                       514866  IN      NS      K.ROOT-SERVERS.NET.
.                       514866  IN      NS      H.ROOT-SERVERS.NET.
.                       514866  IN      NS      L.ROOT-SERVERS.NET.
.                       514866  IN      NS      C.ROOT-SERVERS.NET.
.                       514866  IN      NS      D.ROOT-SERVERS.NET.
.                       514866  IN      NS      E.ROOT-SERVERS.NET.
.                       514866  IN      NS      B.ROOT-SERVERS.NET.
.                       514866  IN      NS      I.ROOT-SERVERS.NET.
.                       514866  IN      NS      F.ROOT-SERVERS.NET.
.                       514866  IN      NS      A.ROOT-SERVERS.NET.
.                       514866  IN      NS      M.ROOT-SERVERS.NET.
.                       514866  IN      NS      G.ROOT-SERVERS.NET.
.                       514866  IN      NS      J.ROOT-SERVERS.NET.
;; Received 241 bytes from in 23 ms

arpa.                   172800  IN      NS      M.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      A.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      B.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      C.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      D.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      E.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      F.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      G.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      H.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      I.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      K.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      L.ROOT-SERVERS.NET.
;; Received 496 bytes from 2001:503:c27::2:30#53(J.ROOT-SERVERS.NET) in 142 ms

88.in-addr.arpa.        86400   IN      NS      SEC3.APNIC.NET.
88.in-addr.arpa.        86400   IN      NS      SUNIC.SUNET.SE.
88.in-addr.arpa.        86400   IN      NS      NS-PRI.RIPE.NET.
88.in-addr.arpa.        86400   IN      NS      TINNIE.ARIN.NET.
88.in-addr.arpa.        86400   IN      NS      NS.LACNIC.NET.
88.in-addr.arpa.        86400   IN      NS      NS3.NIC.FR.
88.in-addr.arpa.        86400   IN      NS      SEC1.APNIC.NET.
;; Received 219 bytes from 2001:503:ba3e::2:30#53(A.ROOT-SERVERS.NET) in 140 ms

88.in-addr.arpa.        7200    IN      SOA     ns-pri.ripe.net. dns-help.ripe.net. 2009022493 3600 7200 1209600 7200
;; Received 104 bytes from 2001:660:3006:1::1:1#53(NS3.NIC.FR) in 57 ms

By the way - the problem is with postfix only?
It might just be a worning that can be ignored.


Postfix shud be working properly.. I successfully received a mail from previous level..
So u think problem is not in my settings? Im still getting into this whole thing and i dont understand it completely.
Anyways i was trying to find something about this and i think this shud be set properly..
Another thing i was thinking of is that my zone file of my domain is not aplied yet.. i changed it yesterday..


I flushed the caching NS the server uses, and can properly look up entries. Also pushed out the reverse delegation again in case there were any issues with the original delegation.

Appears working now:

$ dig mx intossh.net +short
10 mail6.intossh.net.

$ dig aaaa mail6.intossh.net. +short

$ dig -x 2001:470:1f0b:1408::2 +short


Wow... it really works.. thank you both a lot.. now i can take a rest lol.. thanks again  :)


Actually works, thanks.