IPv6 tunnel with he.net
I've managed to setup my IPv6 tunnel from he.net and have it working and its accepting IPv6 connectivity to irc and can ping6 via. terminal.
However i want to setup some reverse dns' with afraid.org, however im unsure as to how to set this up because i dont know what IPv6 addresses i have been delegated, nor how to set them up.
Could someone help me with this. Many thanks, wader.
11 Replies
@sweh:
The tunnelbroker web site allows you to set a rDNS entry for the tunnel endpoint …
It does? Where? I've never seen that.
Use the same login as you do for the HE IPv6 Certification site
@tonymallin:
Use the same login as you do for the HE IPv6 Certification site
To change the rDNS for the endpoint address, not just the routed /64 (or /48)? Unless I'm misunderstanding what sweh said…
Edit (2011-05-15T14:41Z): Urgh, syntax…
I might have been mistaken about the end-point address (I was confusing it with Panix), but this isn't a big deal. You don't actually need to use the endpoint IP6 address on your machine at all!
On my CentOS based linode I actually use one of the routed subnet IP6 addresses on my sit1 connection and not the endpoint address. And this works directly.
Since the routed IP6 address is the one configured on my machine, outgoing traffic is associated with that IP6 address, and so under control of the rDNS delegation; you get to define your own rDNS setting!
Let's say you have the subnet 2001:0470
You need to setup a rDNS zone for 8.7.6.5.4.3.2.1.0.7.4.0.1.0.0.2.ip6.arpa
eg for bind
zone "8.7.6.5.4.3.2.1.0.7.4.0.1.0.0.2.ip6.arpa" {
allow-query { any; };
type master;
file "2001:0470:1234:5678";
};
The zone file would have normal headers as you'd do any DNS delegation. However the actual ptr record becomes long. eg if you wanted ….::3 (ie 2001:0470
3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR your.dns.name.
IPv6 rDNS entries are long, but once you've worked out just what is being delegated to you then it's not too complicated
@Guspaz:
Maybe I'm missing something, but since Linode has native IPv6 support now, why use an HE tunnel?
Not all of us are in Fremont or Newark.
@Guspaz:
Maybe I'm missing something, but since Linode has native IPv6 support now, why use an HE tunnel?
as above, we dont have IPv6 in London yet
also with the tunnel im not wasting my native IPs purely for rDNS records
@Guspaz:
Maybe I'm missing something, but since Linode has native IPv6 support now, why use an HE tunnel?
Does linode support rDNS for the native IP6 address? (their web page says "coming soon").
(Note: this configuration, in conjunction with native IPv6, is not yet possible with the stock Linode kernel, due to some really kinky routing table sadomasochism stuff. Don't believe me?
$ mtr --report www.v6.facebook.com
HOST: witte Loss% Snt Last Avg Best Wrst StDev
1\. hennepin.ipv6.hoopycat.com 0.0% 10 0.2 3.5 0.2 6.4 2.8
2\. ipv6tun-framboise-hennepin.s 0.0% 10 31.7 34.1 30.3 49.4 5.7
3\. rtucker-2.tunnel.tserv4.nyc4 0.0% 10 34.7 42.1 34.7 60.2 7.2
4\. gige-g3-8.core1.nyc4.he.net 0.0% 10 32.3 36.8 31.8 48.1 5.1
5\. 10gigabitethernet2-3.core1.a 0.0% 10 48.2 46.8 35.5 70.0 10.2
6\. 2001:470:0:1bf::2 0.0% 10 37.1 39.6 36.5 44.0 2.8
7\. ae2.bb01.iad1.tfbnw.net 0.0% 10 46.3 49.6 38.8 73.3 10.8
8\. ae14.bb01.sjc1.tfbnw.net 0.0% 10 111.7 112.5 108.6 126.2 5.2
9\. ae0.pr01.sjc1.tfbnw.net 0.0% 10 109.8 113.2 107.6 132.2 7.1
10\. ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
$ mtr --report www.v6.facebook.com
HOST: framboise Loss% Snt Last Avg Best Wrst StDev
1\. fe80::8a43:e1ff:fea4:4ff 0.0% 10 1.5 0.7 0.5 1.5 0.3
2\. Vlan479.esd1.mmu.nac.net 0.0% 10 2.2 2.2 0.6 7.0 2.3
3\. Vlan805.tbr2.mmu.nac.net 0.0% 10 0.4 1.3 0.4 9.4 2.8
4\. e1.2.tbr2.ewr.nac.net 0.0% 10 1.6 1.3 1.0 3.7 0.9
5\. 10gigabitethernet4-2.core1.n 0.0% 10 10.9 2.9 1.6 10.9 2.9
6\. 10gigabitethernet2-3.core1.a 0.0% 10 7.9 11.4 7.9 17.3 3.9
7\. 2001:470:0:1bf::2 0.0% 10 7.9 11.4 7.9 42.3 10.8
8\. ae2.bb01.iad1.tfbnw.net 0.0% 10 8.2 8.1 7.9 8.5 0.1
9\. ae14.bb01.sjc1.tfbnw.net 0.0% 10 79.6 79.9 79.3 83.2 1.2
10\. ae0.pr01.sjc1.tfbnw.net 0.0% 10 79.4 82.6 79.3 111.0 10.0
11\. ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
So don't try this at home. Yet.)