need reverse delegation for my ipv6 subnet
Kevin Darcy
kcd at chrysler.com
Thu Apr 3 23:53:50 UTC 2008
Well, first of all, you show no PTR record in the zone. PTR records are
what are looked up in reverse resolution, so you will have no reverse
resolution until 1 or more PTRs are added to your zone. The flickr.com
image you linked had no option for PTR records, which makes me think it
is only for "forward" zones, not reverse zones. You might need to use a
different tool to maintain your reverse zone. (I'm not sure what the
point of the TXT record is, it doesn't have any effect on the
resolvability of your PTR record(s). It would be informational at most.)
Secondly, you have a delegation issue. According to ns1.sixxs.net,
1.5.0.1.8.f.6.0.1.0.0.2.ip6.arpa. 604800 IN NS ns1.stattfernsehen.com.
I.e. you've been delegated the zone at the /48 level. Yet the zone file
you show has an $ORIGIN which reflects a full /128 reverse path. How is
it defined in named.conf? As a /48 or as a /128? If your $ORIGIN doesn't
match your named.conf zone definition, then the zone won't load properly
(named will complain about the SOA/NS records being "out of zone", and
perhaps again that the zone is missing SOA/NS records). If it matches
(at the /128 level), then the zone is not at the right level of
delegation. Note that the $ORIGINs in the examples given in the FAQ web
page you cited are at the /48 and /64 levels; you need to match the
delegation that's been given to you by your upstream provider. It's not
just the $ORIGINs that need to be changed, though; the zone *itself*
needs to be at the /48 level.
Next problem, it appears that you are not allowing queries of the zone
you have set up (at least, not from my IP):
$ dig
c.a.a.a.f.8.e.f.f.f.5.6.0.3.2.0.0.0.0.0.1.5.0.1.8.f.6.0.1.0.0.2.ip6.arpa
ns @ns1.stattfernsehen.com
; <<>> DiG 9.3.0 <<>>
c.a.a.a.f.8.e.f.f.f.5.6.0.3.2.0.0.0.0.0.1.5.0.1.8.f.6.0.1.0.0.2.ip6.arpa
ns @ns1.stattfernsehen.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 338
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;c.a.a.a.f.8.e.f.f.f.5.6.0.3.2.0.0.0.0.0.1.5.0.1.8.f.6.0.1.0.0.2.ip6.arpa.
IN NS
;; Query time: 165 msec
;; SERVER: 87.79.236.249#53(ns1.stattfernsehen.com)
;; WHEN: Thu Apr 3 16:12:00 2008
;; MSG SIZE rcvd: 90
(I get REFUSED for 1.5.0.1.8.f.6.0.1.0.0.2.ip6.arpa as well).
Lastly, I would work on getting reverse-resolution working from a single
server before worrying about who is going to be your slave. Walk before
you try to fly.
- Kevin
Marc Manthey wrote:
> hello chris and all other experts,
>
> i want to set up reverse DNS for my subnet providet by sixxs.net , a
> free tunnel broker.
>
> So, i have a debian server with "bind " and webmin configured. My
> local machine with bind is
>
> host -6 2001:6f8:1051:0:230:65ff:fe8f:aaac
>
> thats the reverse arpa adress of the machine called
> ns1.stattfernsehen.com .
>
> <http://pastebin.com/m1bc0c6a1>
>
> my subnet is 2001:6f8:1051::/48
>
> do i need all of this ?
>
> https://noc.sixxs.net/faq/dns/?faq=reverse
>
> thats a modified zone file from this site:
>
>
>
> $ORIGIN c.a.a.a.f.8.e.f.f.f.5.6.0.3.2.0.0.0.0.0.1.5.0.1.8.f.
> 6.0.1.0.0.2.ip6.arpa.
>
> my host adress with bind,
>
>
> $TTL 604800
> @ IN SOA ns1.stattfernsehen.com. hostmaster.stattfernsehen.com. (
> 1978022513 ; Serial
> 10800 ; Refresh
> 3600 ; Retry
> 2419200 ; Expire
> 604800 ) ; Default TTL
>
> thats ok ?
>
> NS ns1.stattfernsehen.com.
> NS ns2.example.org. <<<<should i put ns3.gkg.net.
> in here as secondary ?
> TXT "2001:6f8:1051::/48" <<<<<< in quotes ?
>
> gkg.net is my registrar so i need to put his ns as secondary , correct ?
> What about the "zone" file on my registrars site ? <http://farm3.static.flickr.com/2078/2342810344_55704520a9_o.jpg
> >
>
> i would give someone access to my webmin
> if he is able to help me create the required "zone" files.
>
>
>>> <http://www.sixxs.net/faq/sixxs/?faq=dnsspam>
>>> <http://www.sixxs.net/tools/zonecheck/>
>>>
>
>
>
> thanks a lot
>
> marc
>
> --
> Les enfants teribbles - research and deployment
> Marc Manthey - Hildeboldplatz 1a
> D - 50672 Köln - Germany
> Tel.:0049-221-3558032
> Mobil:0049-1577-3329231
> jabber :marc at kgraff.net
> blog : http://www.let.de
> ipv6 http://stattfernsehen.com/matrix
>
>
>
More information about the bind-users
mailing list