Help with DNS server please
Posted: Thu Jan 06, 2011 7:56 am
I got 6to4 running on two servers. I have got reverse dns working tested from external ip6 (true) site.
If I lookup my own domains I serve I see the reverse records.
I can look up and forward ip6 record.
If I try to look up a external ipv6 record, I get nxdomain. Even for ipv6.google.com, but it works on a true ipv6 network.
It seems like a firewall is blocking. Any idea's?
nslookup -type=AAAA ipv6.idb.com.au
Server: 10.0.0.1
Address: 10.0.0.1#53
Non-authoritative answer:
ipv6.idb.com.au has AAAA address 2002:ca81:4f6a:1::18
Authoritative answers can be found from:
idb.com.au nameserver = ns2.idb.com.au.
idb.com.au nameserver = ns1.idb.com.au.
nslookup 2002:ca81:4f6a:1::18
Server: 10.0.0.1
Address: 10.0.0.1#53
** server can't find 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.a.6.f.4.1.8.a.c.2.0.0.2.ip6.arpa: NXDOMAIN
nslookup ipv6.google.com
Server: 10.0.0.1
Address: 10.0.0.1#53
Non-authoritative answer:
ipv6.google.com canonical name = ipv6.l.google.com.
nslookup -type=AAAA ipv6.idb.com.au
Server: 10.0.0.1
Address: 10.0.0.1#53
Non-authoritative answer:
ipv6.idb.com.au has AAAA address 2002:ca81:4f6a:1::18
Authoritative answers can be found from:
idb.com.au nameserver = ns1.idb.com.au.
idb.com.au nameserver = ns2.idb.com.au.
ns1.idb.com.au internet address = 203.206.129.141
ns2.idb.com.au internet address = 203.206.129.141
[root@three David.Cottle]# nslookup 2002:ca81:4f6a:1::18
Server: 10.0.0.1
Address: 10.0.0.1#53
** server can't find 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.a.6.f.4.1.8.a.c.2.0.0.2.ip6.arpa: NXDOMAIN
But look this is off DNS tools!
Reverse DNS for 2002:ca81:4f6a:1::18
Location: Unknown
Preparation:
The reverse DNS entry for an IPv6 is found by reversing the IPv6, adding it to "ip6.arpa", and looking up the PTR record.
So, the reverse DNS entry for 2002:ca81:4f6a:1:0:0:0:18 is found by looking up the PTR record for
8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa.
All DNS requests start by asking the root servers, and they let us know what to do next.
See How Reverse DNS Lookups Work for more information.
How I am searching:
Asking c.root-servers.net for 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa PTR record:
c.root-servers.net says to go to a.ip6-servers.arpa. (zone: ip6.arpa.)
Asking a.ip6-servers.arpa. for 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa PTR record:
a.ip6-servers.arpa [199.212.0.73] says to go to ns-lacnic.6to4.nro.net. (zone: 2.0.0.2.ip6.arpa.)
Asking ns-lacnic.6to4.nro.net. for 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa PTR record:
ns-lacnic.6to4.nro.net [200.3.13.11] says to go to ns2.idb.com.au. (zone: a.6.f.4.1.8.a.c.2.0.0.2.ip6.arpa.)
Asking ns2.idb.com.au. for 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa PTR record: Reports ipv6.idb.com.au. [from 203.206.129.141]
Also I can access my server using IP6 addresses internally, but I can't externally.
If I lookup my own domains I serve I see the reverse records.
I can look up and forward ip6 record.
If I try to look up a external ipv6 record, I get nxdomain. Even for ipv6.google.com, but it works on a true ipv6 network.
It seems like a firewall is blocking. Any idea's?
nslookup -type=AAAA ipv6.idb.com.au
Server: 10.0.0.1
Address: 10.0.0.1#53
Non-authoritative answer:
ipv6.idb.com.au has AAAA address 2002:ca81:4f6a:1::18
Authoritative answers can be found from:
idb.com.au nameserver = ns2.idb.com.au.
idb.com.au nameserver = ns1.idb.com.au.
nslookup 2002:ca81:4f6a:1::18
Server: 10.0.0.1
Address: 10.0.0.1#53
** server can't find 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.a.6.f.4.1.8.a.c.2.0.0.2.ip6.arpa: NXDOMAIN
nslookup ipv6.google.com
Server: 10.0.0.1
Address: 10.0.0.1#53
Non-authoritative answer:
ipv6.google.com canonical name = ipv6.l.google.com.
nslookup -type=AAAA ipv6.idb.com.au
Server: 10.0.0.1
Address: 10.0.0.1#53
Non-authoritative answer:
ipv6.idb.com.au has AAAA address 2002:ca81:4f6a:1::18
Authoritative answers can be found from:
idb.com.au nameserver = ns1.idb.com.au.
idb.com.au nameserver = ns2.idb.com.au.
ns1.idb.com.au internet address = 203.206.129.141
ns2.idb.com.au internet address = 203.206.129.141
[root@three David.Cottle]# nslookup 2002:ca81:4f6a:1::18
Server: 10.0.0.1
Address: 10.0.0.1#53
** server can't find 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.a.6.f.4.1.8.a.c.2.0.0.2.ip6.arpa: NXDOMAIN
But look this is off DNS tools!
Reverse DNS for 2002:ca81:4f6a:1::18
Location: Unknown
Preparation:
The reverse DNS entry for an IPv6 is found by reversing the IPv6, adding it to "ip6.arpa", and looking up the PTR record.
So, the reverse DNS entry for 2002:ca81:4f6a:1:0:0:0:18 is found by looking up the PTR record for
8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa.
All DNS requests start by asking the root servers, and they let us know what to do next.
See How Reverse DNS Lookups Work for more information.
How I am searching:
Asking c.root-servers.net for 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa PTR record:
c.root-servers.net says to go to a.ip6-servers.arpa. (zone: ip6.arpa.)
Asking a.ip6-servers.arpa. for 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa PTR record:
a.ip6-servers.arpa [199.212.0.73] says to go to ns-lacnic.6to4.nro.net. (zone: 2.0.0.2.ip6.arpa.)
Asking ns-lacnic.6to4.nro.net. for 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa PTR record:
ns-lacnic.6to4.nro.net [200.3.13.11] says to go to ns2.idb.com.au. (zone: a.6.f.4.1.8.a.c.2.0.0.2.ip6.arpa.)
Asking ns2.idb.com.au. for 8.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.A.6.F.4.1.8.A.C.2.0.0.2.ip6.arpa PTR record: Reports ipv6.idb.com.au. [from 203.206.129.141]
Also I can access my server using IP6 addresses internally, but I can't externally.