[ale] IPv6 shell?
Robert L. Harris
Robert.L.Harris at rdlg.net
Thu Mar 6 06:53:38 EST 2003
Actually I'm on tunnelbroker.net. Their config is very easy to set up,
they're quick to do setups and I've had 0 problems since setting up. My
reverse problems were rather enigmatic but hammered out last night, I'm
attributing the problems to user errror with a lack of experience
setting them up.
Otherwise everything is working great.
Thus spake Michael H. Warfield (mhw at wittsend.com):
> On Wed, Mar 05, 2003 at 09:28:45AM -0500, Robert L. Harris wrote:
>
> > Anyone here running IPv6 out of curriosity? I've got my systems about
> > 90% where I want them finally except for reverse DNS. How's everyone
> > else doing?
>
> I'm afraid you haven't provided us with nearly enough information.
>
> Which top level zone or "universe"? Internet6 (2001::/16),
> 6Bone (3ffe::/16) or 6to4 (2002::/16)?
>
> If you are on Internet6, the deployed production TLA's, you
> should be having no problem. Your reverse DNS should be in reverse
> nibble zone form under [reverse-nibbles].ip6.arpa. You're provider
> has to delegate your zone down to your server.
>
> If you are on 6Bone, a lot is going to depend on the distribution
> you are using and your provider (and, with luck, a little time). The
> original reverse DNS lookups for 6Bone were under [reverse-nibbles].ip6.int.
> But the IETF changed course and direction and decreed that the IPv6
> reverse lookups shall be under [reverse-nibbles].ip6.arpa. When many
> of the resolver libraries looked under [reverse-nibbles].ip6.arpa, there
> was no 6Bone, because [reverse-nibbles].e.f.f.3.ip6.arpa is not (or was
> not) delegated. RedHat 7.x is broken for 6Bone in this way. Most of
> the details on the delegations have been worked out and the ip6.int
> tree is supposedly been (or being) cloned into ip6.arpa which SHOULD
> resolve that problem. Except there was also some dispute / disagreement
> over reverse nibbles / string labels. That decision is for reverse nibbles
> and some of the older resolver libraries may have used string labels.
> There there was the question of your provider. Do THEY support ip6.arpa
> and are they delegating that down to your DNS server. At one point,
> FreeNET6 was not. They appear to be doing so, now. RedHat 8.0 seems
> to be working great (now) on 6Bone for me appears to be functional, but
> it's not clear why it started working. The delegation has to be in place
> and FreeNET6 has to be supporting it and the resolver libraries have to
> be using reverse nibbles (which is all I'm providing). They all work now
> for RedHat 8.0. But not, apparently, for RedHat 7.3. RedHat 7.3 works
> from within my zone (and hitting my name servers) but not from machines
> that are referencing them. That tells me that it's STILL a delegation
> problem, but I'm not sure where, especially since RedHat 8.0 works outside
> my zone. My guess is the resolver libraries in RedHat 8.0 are checking
> both ip6.arpa and ip6.int. But that doesn't explain why RedHat 8.0 was
> NOT working a couple of months ago, before the agreement with the RIR's
> and IANA over the ip6.arpa delegation for the 6Bone.
>
> If you are attempting to use 6to4 autotunneling on 2002::/16 then
> you don't stand a snowballs chance in hell of EVER getting reverse lookups
> to work (how would it ever get delegated across IPv4 dereferencing) so
> you can give up on that one right now.
>
> Based on your address in your sig, it looks like you are
> on Internet6...
>
> [mhw at alcove mhw]$ host -t AAAA ipv6.rdlg.net
> ipv6.rdlg.net has AAAA address 2001:470:1f00:ffff::2db
>
> Ok...
> TLA/NLA = 2001:470:1ff0: (Internet 6)
> SLA = ffff
> EUI = ::2bd (YUCK)
>
> Do you have a reverse nibble lookup set up for this:
>
> b.d.2.0.0.0.0.0.0.0.0.0.0.0.0.0.f.f.f.f.0.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa?
>
> Your provider should be delegating this zone to you:
>
> 0.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa
>
> With and entry like this:
>
> $ORIGIN 0.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa.
> b.d.2.0.0.0.0.0.0.0.0.0.0.0.0.0.f.f.f.f PTR ipv6.rdlg.net.
>
> That should work (or you can divide it up between other
> zone boundries if you wish).
>
> Here is an example from my (working, dynamic) zone file:
>
> $ORIGIN 4.8.c.0.0.8.b.0.e.f.f.3.ip6.arpa.
> e.b.b.e.e.7.e.f.f.f.7.b.0.d.2.0.0.2.0.0 PTR berserker.ip6.wittsend.com.
>
> You'll notice that I'm on 6Bone.
>
> I'm able to ping you just fine AND I AM getting a reverse
> DNS lookup on you...
>
> [root at alcove mhw]# ping6 ipv6.rdlg.net
> PING ipv6.rdlg.net(rlharris-pt.tunnel.tserv1.fmt.ipv6.he.net) 56 data bytes
> 64 bytes from rlharris-pt.tunnel.tserv1.fmt.ipv6.he.net: icmp_seq=1 ttl=59 time=560 ms
> 64 bytes from rlharris-pt.tunnel.tserv1.fmt.ipv6.he.net: icmp_seq=2 ttl=59 time=514 ms
> 64 bytes from rlharris-pt.tunnel.tserv1.fmt.ipv6.he.net: icmp_seq=3 ttl=59 time=1301 ms
> 64 bytes from rlharris-pt.tunnel.tserv1.fmt.ipv6.he.net: icmp_seq=4 ttl=59 time=1287 ms
> 64 bytes from rlharris-pt.tunnel.tserv1.fmt.ipv6.he.net: icmp_seq=5 ttl=59 time=1107 ms
> 64 bytes from rlharris-pt.tunnel.tserv1.fmt.ipv6.he.net: icmp_seq=6 ttl=59 time=763 ms
>
> If I wasn't able to get a reverse lookup, I would get your
> hex address instead of that "rlharris-pt.tunnel.tserv1.fmt.ipv6.he.net"
> name. But it looks like a name from your provider. I think you need
> to discuss the reverse lookup issues with them. :-)
>
> > :wq!
> > ---------------------------------------------------------------------------
> > Robert L. Harris | PGP Key ID: E344DA3B
> > @ x-hkp://pgp.mit.edu
> > DISCLAIMER:
> > These are MY OPINIONS ALONE. I speak for no-one else.
> >
> > Diagnosis: witzelsucht
> >
> > IPv6 = robert at ipv6.rdlg.net http://ipv6.rdlg.net
> > IPv4 = robert at mail.rdlg.net http://www.rdlg.net
>
>
> Mike
> --
> Michael H. Warfield | (770) 985-6132 | mhw at WittsEnd.com
> /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
:wq!
---------------------------------------------------------------------------
Robert L. Harris | PGP Key ID: E344DA3B
@ x-hkp://pgp.mit.edu
DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.
Diagnosis: witzelsucht
IPv6 = robert at ipv6.rdlg.net http://ipv6.rdlg.net
IPv4 = robert at mail.rdlg.net http://www.rdlg.net
PGP signature
More information about the Ale
mailing list