• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

/48 RDNS Delegation

Started by ndm, May 06, 2008, 02:17:23 PM

Previous topic - Next topic


Hi all

whats the status about that? I searched the news section and all that I could find was from February 27th, that he.net is implementig rdns for routed /48. Does this feature work yet?

Regards André


We delegate rDNS for the /64 and /48 to whatever nameservers you provide in the interface. This has been working for some time now, and was only unavailable for about 2-3 days after we allowed users to allocate a /48.

[EDIT] - The March 4th News item mentions /48 rDNS working


Ok. Thank you for the clarification.


How long does the delegation process take?

I got the xxx/48 Net and I setup dns zone on servers ns[1,2,3].xxx
When I directly ask the server f.e. for xxx I got an answer. But asking my upstreams or the he.net dns server I always get nxdomain. Have I done something wrong?

EDIT: Removed "vital" data


I checked the ns1/ns2/ns3.he.net recently on several occations and found that only ns1.he.net had the pointers for reverse DNS.
Seems the he.net servers are not synched up.


Well it works now... It seems I was too impatient...


Yes, the nameservers are now synched too, they weren't earlier in the day.


It always amazes me how fast our users catch me :)  So whats going on on our side is that we have migrated all the tunnelbroker.net DNS over from ns1.ipv6 and ns2.ipv6 to the ns1 - 5 .he.net servers.  This give us better standardization and removes a few more of the legacy pieces of hardware from our system.

In order to do this we had to make changes with ARIN for our own delegation, and I think some of you may still be being referred to ns1.ipv6 etc for reverse DNS.  By tomorrow morning everything should be propagated up to the root's and at that point everyone should be going to ns1.he.net (Through ns5.he.net) for all their queries.

If you are still having any RDNS issues or don't see things working the way they are, drop me an email at ipv6@he.net and let me know so we can sort it out.


Thanks for the explanation regarding the transitioning, it's always good to know that small glitches like this are under control and not just flakyness, neglect, or worse.
I never actually experienced real failures of reverse resolution that I became aware of or couldn't trace to my own setup.


Quote from: samh on May 07, 2008, 05:58:57 PM
It always amazes me how fast our users catch me :)

You had other expectations of early adopters? :)


Quote from: eonesixfour on May 17, 2008, 06:45:13 AM

You had other expectations of early adopters? :)

Not really :)  Its a good amazed though, im glad to see so many people who care about things like Reverse DNS.  Having spent the last 15 years explaining to people in v4 who dont care about why we should all have working forward and reverse, its a breath of fresh air to be caught whenever I break it for our tunnelbroker :).

Also I will use this opportunity, we have automated all of our IPv6 reverse dns across the network , if you see any traceroutes that cross HE's network with broken rdns for one of our links please let me know.


Well it's me again.

It seems that not all he DNS Servers are synched

ns1 and ns2 report my dns server ns3-5 don't.

Prefix: 2001:470:d03f::/48


I sent an e-mail to ivp6@he.net earlier.   The problems seem actually deeper. Subdomains are delegated (if at all) on wrong octet boundaries.


Everything in the IPv6 RDNS world here should be settling in now, if you see your allocation on ns1-3 and not on 4-5 or the other way around give it until tommorow morning to sort out in the dns server farms and then if you are still having a problem drop an email to ipv6@he.net (A much better resource for troubleshooting actual problems).

If you have put in your entries and dont have anything RDNS wise try removing the entries and resubmitting them.  If after that you still dont have entries email me at ipv6@he.net


i have a somewhat related question...

my Subnet(routed/64) is ****:***:1f07:***::/64
while my ip is ****:***:1f06:***::2/64 (with the *** being the same characters in both)

Is it supposed to be one number off???

I am able to access the tunnel from my Ubuntu machine.  I can log in to ipv6.freenode.net IRC and see either the full ipv6 Ip or the imcensored.......he.net name.

I am using freedns.afraid.org for the rDNS.  if i add the subnet with the "1f07", it doesn't let me modify any of the first four "octets?" when i try to set the IP.  If i use the "1f06", i can set the IP, but i get a "BROKEN" error. http://dark-code.bulix.org/hxtuym-66611?raw (output in a paste-bin).

I'm lost at this point.  Which end did i screw up on? Over here or over there at freedns?

This is what i am trying to do....

I own the domain "speedlinemotorsports.org" ... i have pointed the subdomain "z.speedlinemotorsports.org" to my Ubuntu box (IPv4), as soon as either xname.org comes back up, or if i find another DNS that supports IPv6, i will be pointing it to the IPv6 address as well.  So i'd like the rDNS to be z.speedlinemotorsports.org.