PTR IPv6 setup

Discussion in 'Installation/Configuration' started by maxxer, Apr 2, 2015.

  1. maxxer

    maxxer Member

    Hi.
    I've set up my ISPConfig with my IPv6 zone, and looks ok compared to the documentations I found on Sixxs website. Given that, the DNS apparently refuses to reply to every request coming from outside the LAN. And not for only the reverse zone, for everything.

    For example if I try resolving www.google.it from inside, using LAN IP, it replies correctly. If I do the same from outside I get nothing:
    Code:
    $ dig www.google.it  @ispconfig.domain.com
    
    ; <<>> DiG 9.9.5-4.3ubuntu0.2-Ubuntu <<>> www.google.it @ispconfig.domain.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 18410
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;www.google.it.            IN    A
    
    ;; Query time: 88 msec
    ;; SERVER: 95.1.2.3#53(95.1.2.3)
    ;; WHEN: Thu Apr 02 09:36:30 CEST 2015
    ;; MSG SIZE  rcvd: 42
    
    Is there any option I missed to enable resolve for outer requests? thanks
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    This has to be rejected as you try to do a recursal from the external IP and not from the local server. If you like to test name resolution for external domains, then you have to use this:

    dig @localhost www.google.it

    If you want to test a zone that you host on the server, then run:

    dig @localhost yourdomain.com

    and when this works you can try:

    dig @serverhostname yourdomain.com
     
  3. maxxer

    maxxer Member

    The problem is that I just host IPv6 PTR for my zone on ISPConfig, so I have no other test to do other than this.
    DNS resolution from local lan works, even for external domains. But if I try to resolve the IPv6 zone or one of the ipv6 hosts configured in ispconfig it the result is "no servers could be reached".
    Now if I try resolving I get:
    ;; BAD (HORIZONTAL) REFERRAL
    from what I could understand this means ISPConfig's bind is returning a bad NS for the next step. but the line returning that error is the zone I configured in my server, so it should return "ok" or something like that.

    This is the output of the last lines of dig +trace b.1.2.3.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. @ispconfig.domain.com.
    Code:
    1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS      ns1.sixxs.net.
    1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS      ns3.sixxs.net.
    1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS      ns2.sixxs.net.
    ;; Received 121 bytes from 193.0.9.5#53(193.0.9.5) in 59 ms
    
    b.1.2.3.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 14400 IN NS ispconfig.domain.com.
    ;; Received 88 bytes from 80.228.241.140#53(80.228.241.140) in 66 ms
    
    b.1.2.3.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 10970 IN NS ispconfig.domain.com.
    ;; BAD (HORIZONTAL) REFERRAL
    ;; Received 88 bytes from 10.0.0.172#53(10.0.0.172) in 2 ms
    
    b.1.2.3.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 10970 IN NS ispconfig.domain.com.
    ;; BAD (HORIZONTAL) REFERRAL
    ;; Received 88 bytes from 2001:1418:100:321b::172#53(2001:1418:100:321b::172) in 2 ms
    
     
    Last edited: Apr 7, 2015

Share This Page