Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: MX RDNS Issue  (Read 6766 times)

doofnet

  • Newbie
  • *
  • Posts: 2
MX RDNS Issue
« on: July 16, 2009, 02:37:31 AM »

As far as I can see i've got it setup and working, even setup IPv6 on the nameservers and it still doesnt work, can anyone provide some insight?

$ dig +short mx mythtv.tensixtyone.com
5 mythtv.tensixtyone.com.
$ dig +short aaaa mythtv.tensixtyone.com
2001:470:1f09:1b1::4
$ dig +short -x 2001:470:1f09:1b1::4
mythtv.tensixtyone.com.
Logged

bpier

  • Newbie
  • *
  • Posts: 22
Re: MX RDNS Issue
« Reply #1 on: July 16, 2009, 07:12:30 AM »

Huh?
Looks good to me; I tested your dig commands and got the same results.

Bill
Logged

rpuckett

  • Newbie
  • *
  • Posts: 2
Re: MX RDNS Issue
« Reply #2 on: July 19, 2009, 10:01:07 PM »

I can verify that forward and reverse dns works on my local lan:

$ dig whats4dinner.chickenkiller.com MX +short
10 mail.whats4dinner.chickenkiller.com.

$ dig mail.whats4dinner.chickenkiller.com AAAA +short
2001:470:f177:4:20e:b6ff:fe25:db65

$ dig -x 2001:470:f177:4:20e:b6ff:fe25:db65 +short
mail.whats4dinner.chickenkiller.com.

$ dig ns1.whats4dinner.chickenkiller.com AAAA +short
2001:470:f177::1

The "whats4dinner" domain is hosted off of external ipv4 servers but the hosting company does allow adding AAAA records. So all the forward lookups are coming from them and seem to work. I gather that rDNS would from he.net would go to these external nameservers to obtain the ip of my nameserver that is handling the IPv6 PTR records, but I never see any inbound domain lookup on my nameserver (verifying with tcpdump).

Does anyone know of a IPv6 recusive nameserver like opendns that I can use to verify how the Interwebs see me vs. local lan?
Logged

dataless

  • Newbie
  • *
  • Posts: 26
Re: MX RDNS Issue
« Reply #3 on: July 20, 2009, 01:11:56 PM »

OpenDNS gives IPv6 responses.

dig ns1.whats4dinner.chickenkiller.com AAAA +short @208.67.222.222
2001:470:f177::1

Or are you wanting a strictly IPv6 NS to check?
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1717
Re: MX RDNS Issue
« Reply #4 on: July 21, 2009, 04:43:37 PM »

Server that tests for the data doesn't have a problem looking up your MX, getting the AAAA and looking up the rDNS entry for the IPv6 address.

Is this still an issue?
Logged

doofnet

  • Newbie
  • *
  • Posts: 2
Re: MX RDNS Issue
« Reply #5 on: July 23, 2009, 01:25:11 AM »

I still have the issue, can HE tell me what email address its trying to check?
Logged

rpuckett

  • Newbie
  • *
  • Posts: 2
Re: MX RDNS Issue
« Reply #6 on: July 26, 2009, 08:34:35 AM »

Still having issues.

I still get the red "Your MX does not appear to have working RDNS" but I have verified via http://www.potaroo.net/cgi-bin/ipv6addr that RDNS is working.

I don't suppose there's a way to look at previous settings that I used in past certs to see if a parameter is causing the foo-barring?
Logged

dataless

  • Newbie
  • *
  • Posts: 26
Re: MX RDNS Issue
« Reply #7 on: July 26, 2009, 01:37:21 PM »

I wonder if it's due to the fact your NS's aren't IPv6..

A whois of chickenkiller.com gives;

   Domain Name: CHICKENKILLER.COM
   Registrar: DOTSTER, INC.
   Whois Server: whois.dotster.com
   Referral URL: http://www.dotster.com
   Name Server: NS1.AFRAID.ORG
   Name Server: NS2.AFRAID.ORG
   Name Server: NS3.AFRAID.ORG
   Name Server: NS4.AFRAID.ORG
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 27-dec-2008
   Creation Date: 26-dec-2000
   Expiration Date: 26-dec-2009


# dig NS1.AFRAID.ORG AAAA +short
# dig NS2.AFRAID.ORG AAAA +short
# dig NS3.AFRAID.ORG AAAA +short
# dig NS4.AFRAID.ORG AAAA +short

No AAAA's for any of them.  Even though they give out IPv6 responses the only way to contact them is via IP4..  Maybe that's causing the failure.

Someone from HE could likely tell you for sure if that is the problem.
Logged