Hi. I've set up my ISPConfig with my IPv6 zone, and looks ok compared to the documentations I found on Sixxs website. Given that, the DNS apparently refuses to reply to every request coming from outside the LAN. And not for only the reverse zone, for everything. For example if I try resolving www.google.it from inside, using LAN IP, it replies correctly. If I do the same from outside I get nothing: Code: $ dig www.google.it @ispconfig.domain.com ; <<>> DiG 9.9.5-4.3ubuntu0.2-Ubuntu <<>> www.google.it @ispconfig.domain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 18410 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.google.it. IN A ;; Query time: 88 msec ;; SERVER: 95.1.2.3#53(95.1.2.3) ;; WHEN: Thu Apr 02 09:36:30 CEST 2015 ;; MSG SIZE rcvd: 42 Is there any option I missed to enable resolve for outer requests? thanks
This has to be rejected as you try to do a recursal from the external IP and not from the local server. If you like to test name resolution for external domains, then you have to use this: dig @localhost www.google.it If you want to test a zone that you host on the server, then run: dig @localhost yourdomain.com and when this works you can try: dig @serverhostname yourdomain.com
The problem is that I just host IPv6 PTR for my zone on ISPConfig, so I have no other test to do other than this. DNS resolution from local lan works, even for external domains. But if I try to resolve the IPv6 zone or one of the ipv6 hosts configured in ispconfig it the result is "no servers could be reached". Now if I try resolving I get: ;; BAD (HORIZONTAL) REFERRAL from what I could understand this means ISPConfig's bind is returning a bad NS for the next step. but the line returning that error is the zone I configured in my server, so it should return "ok" or something like that. This is the output of the last lines of dig +trace b.1.2.3.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. @ispconfig.domain.com. Code: 1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns1.sixxs.net. 1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns3.sixxs.net. 1.0.8.1.4.1.1.0.0.2.ip6.arpa. 172800 IN NS ns2.sixxs.net. ;; Received 121 bytes from 193.0.9.5#53(193.0.9.5) in 59 ms b.1.2.3.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 14400 IN NS ispconfig.domain.com. ;; Received 88 bytes from 80.228.241.140#53(80.228.241.140) in 66 ms b.1.2.3.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 10970 IN NS ispconfig.domain.com. ;; BAD (HORIZONTAL) REFERRAL ;; Received 88 bytes from 10.0.0.172#53(10.0.0.172) in 2 ms b.1.2.3.0.0.1.0.8.1.4.1.1.0.0.2.ip6.arpa. 10970 IN NS ispconfig.domain.com. ;; BAD (HORIZONTAL) REFERRAL ;; Received 88 bytes from 2001:1418:100:321b::172#53(2001:1418:100:321b::172) in 2 ms