Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: rDNS + afraid.org problem  (Read 6616 times)

InToSSH1

  • Guest
rDNS + afraid.org problem
« on: February 24, 2009, 03:14:29 PM »

Hello.. im still a bit confused by this whole thing. I know how rDNS works but cant get it to work here. i hope i understand it in this way. ive already spent 3days setting that so i wud really appreciate some help.
Client IPv6 address:   2001:470:1f0a:1408::2/64
Routed /64:   2001:470:1f0b:1408::/64

              RDNS Delegation NS1:   ns1.afraid.org
   RDNS Delegation NS2:   ns2.afraid.org
   RDNS Delegation NS3:   ns3.afraid.org

My router has sit1 configuration for both subnets.
Somewhere on this forum i read i need the Routed /64 for delegation.
Well i have a domain intossh.net
Code: [Select]
ipv6.intossh.net AAAA 2001:470:1f0a:1408::2
www.intossh.net CNAME intossh.net
intossh.net AAAA 2001:470:1f0b:1408::2
ipv4.intossh.net A 88.83.167.146
intossh.net MX mail6.intossh.net 10
mail6.intossh.net AAAA 2001:470:1f0b:1408::2
^ this is from domain registrator's website so dont look how its written..its not a zone file.

and i ve a Reverse DNS on afraid.org

Code: [Select]
2001:470:1f0b:1408::/64
2001:0470:1f0b:1408:0000:0000:0000:0002 intossh.net
dig returns this
Code: [Select]
dig -x 2001:470:1f0b:1408::2 @ns1.afraid.org

; <<>> DiG 9.5.0-P2 <<>> -x 2001:470:1f0b:1408::2 @ns1.afraid.org
;; global options:  printcmd                                     
;; Got answer:                                                   
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64197       
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; WARNING: recursion requested but not available                   

;; QUESTION SECTION:
;2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.4.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR

;; ANSWER SECTION:
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.4.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 60 IN PTR intossh.net.

;; AUTHORITY SECTION:
8.0.4.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 60 IN NS ns1.afraid.org.
8.0.4.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 60 IN NS ns2.afraid.org.
8.0.4.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 60 IN NS ns3.afraid.org.
8.0.4.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 60 IN NS ns4.afraid.org.

On that router/server is postfix server.. And i just dont know what is wrong.. It keeps telling me "Your MX does not appear to have working RDNS".
Maybe this is stupid question and i dont understand it right..
Thanks.
« Last Edit: February 24, 2009, 03:26:33 PM by InToSSH1 »
Logged

piojan

  • Jr. Member
  • **
  • Posts: 85
Re: rDNS + afraid.org problem
« Reply #1 on: February 24, 2009, 03:27:50 PM »

Maybe this:
Code: [Select]
$ host 88.83.167.146
Host 146.167.83.88.in-addr.arpa. not found: 3(NXDOMAIN)
Code: [Select]
$ host 2001:470:1f0a:1408::2
Host 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.4.1.a.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa not found: 3(NXDOMAIN)
« Last Edit: February 24, 2009, 03:35:04 PM by piojan »
Logged

InToSSH1

  • Guest
Re: rDNS + afraid.org problem
« Reply #2 on: February 24, 2009, 03:34:45 PM »

hmm this shud work also?
this works:
Code: [Select]
jerry@InToSSH-linux:~> host 2001:470:1f0b:1408::2
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.4.1.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa domain name pointer intossh.net.
i thot that another IPs are not needed to be in reverse
« Last Edit: February 24, 2009, 03:39:17 PM by InToSSH1 »
Logged

piojan

  • Jr. Member
  • **
  • Posts: 85
Re: rDNS + afraid.org problem
« Reply #3 on: February 24, 2009, 03:43:01 PM »

Code: [Select]
$ dig -x 2001:470:1f0a:1408::2 @ns1.he.net

; <<>> DiG 9.6.0b1 <<>> -x 2001:470:1f0a:1408::2 @ns1.he.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47746
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.4.1.a.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. IN PTR

;; AUTHORITY SECTION:
a.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa. 86400 IN SOA  ns1.he.net. hostmaster.he.net. 2009022437 10800 1800 604800 86400

;; Query time: 228 msec
;; SERVER: 216.218.130.2#53(216.218.130.2)
;; WHEN: Wed Feb 25 00:37:36 2009
;; MSG SIZE  rcvd: 153

this could go to ipv6@he.net if it's like this for a long time. The p2p link has automatic naming.

Your real ipv4 that a harder thing.
You are not able to do anything apart form asking your ISP.

Code: [Select]
$ dig +trace -x 88.83.167.146

; <<>> DiG 9.6.0b1 <<>> +trace -x 88.83.167.146
;; global options: +cmd
.                       514866  IN      NS      K.ROOT-SERVERS.NET.
.                       514866  IN      NS      H.ROOT-SERVERS.NET.
.                       514866  IN      NS      L.ROOT-SERVERS.NET.
.                       514866  IN      NS      C.ROOT-SERVERS.NET.
.                       514866  IN      NS      D.ROOT-SERVERS.NET.
.                       514866  IN      NS      E.ROOT-SERVERS.NET.
.                       514866  IN      NS      B.ROOT-SERVERS.NET.
.                       514866  IN      NS      I.ROOT-SERVERS.NET.
.                       514866  IN      NS      F.ROOT-SERVERS.NET.
.                       514866  IN      NS      A.ROOT-SERVERS.NET.
.                       514866  IN      NS      M.ROOT-SERVERS.NET.
.                       514866  IN      NS      G.ROOT-SERVERS.NET.
.                       514866  IN      NS      J.ROOT-SERVERS.NET.
;; Received 241 bytes from 127.0.0.1#53(127.0.0.1) in 23 ms

arpa.                   172800  IN      NS      M.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      A.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      B.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      C.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      D.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      E.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      F.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      G.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      H.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      I.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      K.ROOT-SERVERS.NET.
arpa.                   172800  IN      NS      L.ROOT-SERVERS.NET.
;; Received 496 bytes from 2001:503:c27::2:30#53(J.ROOT-SERVERS.NET) in 142 ms

88.in-addr.arpa.        86400   IN      NS      SEC3.APNIC.NET.
88.in-addr.arpa.        86400   IN      NS      SUNIC.SUNET.SE.
88.in-addr.arpa.        86400   IN      NS      NS-PRI.RIPE.NET.
88.in-addr.arpa.        86400   IN      NS      TINNIE.ARIN.NET.
88.in-addr.arpa.        86400   IN      NS      NS.LACNIC.NET.
88.in-addr.arpa.        86400   IN      NS      NS3.NIC.FR.
88.in-addr.arpa.        86400   IN      NS      SEC1.APNIC.NET.
;; Received 219 bytes from 2001:503:ba3e::2:30#53(A.ROOT-SERVERS.NET) in 140 ms

88.in-addr.arpa.        7200    IN      SOA     ns-pri.ripe.net. dns-help.ripe.net. 2009022493 3600 7200 1209600 7200
;; Received 104 bytes from 2001:660:3006:1::1:1#53(NS3.NIC.FR) in 57 ms


By the way - the problem is with postfix only?
It might just be a worning that can be ignored.
Logged

InToSSH1

  • Guest
Re: rDNS + afraid.org problem
« Reply #4 on: February 24, 2009, 03:49:14 PM »

Postfix shud be working properly.. I successfully received a mail from previous level..
So u think problem is not in my settings? Im still getting into this whole thing and i dont understand it completely.
Anyways i was trying to find something about this and i think this shud be set properly..
Another thing i was thinking of is that my zone file of my domain is not aplied yet.. i changed it yesterday..
« Last Edit: February 24, 2009, 03:54:41 PM by InToSSH1 »
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1735
Re: rDNS + afraid.org problem
« Reply #5 on: February 24, 2009, 03:58:32 PM »

I flushed the caching NS the server uses, and can properly look up entries. Also pushed out the reverse delegation again in case there were any issues with the original delegation.

Appears working now:

Code: [Select]
$ dig mx intossh.net +short
10 mail6.intossh.net.

$ dig aaaa mail6.intossh.net. +short
2001:470:1f0b:1408::2

$ dig -x 2001:470:1f0b:1408::2 +short
intossh.net.
Logged

InToSSH1

  • Guest
Re: rDNS + afraid.org problem
« Reply #6 on: February 24, 2009, 04:04:16 PM »

Wow... it really works.. thank you both a lot.. now i can take a rest lol.. thanks again  :)
Logged

brtk

  • Newbie
  • *
  • Posts: 2
Re: rDNS + afraid.org problem
« Reply #7 on: April 12, 2009, 03:28:09 AM »

Actually works, thanks.
« Last Edit: April 17, 2009, 07:21:57 AM by brtk »
Logged