IPv6 tunnel with he.net

Hey there.

I've managed to setup my IPv6 tunnel from he.net and have it working and its accepting IPv6 connectivity to irc and can ping6 via. terminal.

However i want to setup some reverse dns' with afraid.org, however im unsure as to how to set this up because i dont know what IPv6 addresses i have been delegated, nor how to set them up.

Could someone help me with this. Many thanks, wader.

11 Replies

The tunnelbroker web site allows you to set a rDNS entry for the tunnel endpoint, and if you route a HE /64 via tunnelbroker then it'll let you delegate the DNS for that /64 to whatever servers you request.

@sweh:

The tunnelbroker web site allows you to set a rDNS entry for the tunnel endpoint …

It does? Where? I've never seen that.

https://dns.he.net/

Use the same login as you do for the HE IPv6 Certification site

@tonymallin:

https://dns.he.net/

Use the same login as you do for the HE IPv6 Certification site
To change the rDNS for the endpoint address, not just the routed /64 (or /48)? Unless I'm misunderstanding what sweh said…

Edit (2011-05-15T14:41Z): Urgh, syntax…

For the routed subnet, go to tunnelbroker.net, click on the tunnel you've configured (at the bottom of the center section). This allows you to edit the tunnel settings. At the bottom of that are the rDNS settings.

I might have been mistaken about the end-point address (I was confusing it with Panix), but this isn't a big deal. You don't actually need to use the endpoint IP6 address on your machine at all!

On my CentOS based linode I actually use one of the routed subnet IP6 addresses on my sit1 connection and not the endpoint address. And this works directly.

Since the routed IP6 address is the one configured on my machine, outgoing traffic is associated with that IP6 address, and so under control of the rDNS delegation; you get to define your own rDNS setting!

Also, setting up rDNS can be a little confusing.

Let's say you have the subnet 2001:0470:1234:5678/64 associated with you.

You need to setup a rDNS zone for 8.7.6.5.4.3.2.1.0.7.4.0.1.0.0.2.ip6.arpa

eg for bind

zone "8.7.6.5.4.3.2.1.0.7.4.0.1.0.0.2.ip6.arpa" {
        allow-query { any; };
        type master;
        file "2001:0470:1234:5678";
};

The zone file would have normal headers as you'd do any DNS delegation. However the actual ptr record becomes long. eg if you wanted ….::3 (ie 2001:0470:1234:5678::3) to have a rDNS value then you'd need an entry such as

3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN      PTR     your.dns.name.

IPv6 rDNS entries are long, but once you've worked out just what is being delegated to you then it's not too complicated :-)

Maybe I'm missing something, but since Linode has native IPv6 support now, why use an HE tunnel?

@Guspaz:

Maybe I'm missing something, but since Linode has native IPv6 support now, why use an HE tunnel?
Not all of us are in Fremont or Newark.

@Guspaz:

Maybe I'm missing something, but since Linode has native IPv6 support now, why use an HE tunnel?

as above, we dont have IPv6 in London yet ;)

also with the tunnel im not wasting my native IPs purely for rDNS records ;)

@Guspaz:

Maybe I'm missing something, but since Linode has native IPv6 support now, why use an HE tunnel?
Does linode support rDNS for the native IP6 address? (their web page says "coming soon").

Another handy reason to use a HE tunnel: when you're a router for a few remote networks. That /48 comes in handy.

(Note: this configuration, in conjunction with native IPv6, is not yet possible with the stock Linode kernel, due to some really kinky routing table sadomasochism stuff. Don't believe me?

$ mtr --report www.v6.facebook.com
HOST: witte                       Loss%   Snt   Last   Avg  Best  Wrst StDev
  1\. hennepin.ipv6.hoopycat.com    0.0%    10    0.2   3.5   0.2   6.4   2.8
  2\. ipv6tun-framboise-hennepin.s  0.0%    10   31.7  34.1  30.3  49.4   5.7
  3\. rtucker-2.tunnel.tserv4.nyc4  0.0%    10   34.7  42.1  34.7  60.2   7.2
  4\. gige-g3-8.core1.nyc4.he.net   0.0%    10   32.3  36.8  31.8  48.1   5.1
  5\. 10gigabitethernet2-3.core1.a  0.0%    10   48.2  46.8  35.5  70.0  10.2
  6\. 2001:470:0:1bf::2             0.0%    10   37.1  39.6  36.5  44.0   2.8
  7\. ae2.bb01.iad1.tfbnw.net       0.0%    10   46.3  49.6  38.8  73.3  10.8
  8\. ae14.bb01.sjc1.tfbnw.net      0.0%    10  111.7 112.5 108.6 126.2   5.2
  9\. ae0.pr01.sjc1.tfbnw.net       0.0%    10  109.8 113.2 107.6 132.2   7.1
 10\. ???                          100.0    10    0.0   0.0   0.0   0.0   0.0
$ mtr --report www.v6.facebook.com
HOST: framboise                   Loss%   Snt   Last   Avg  Best  Wrst StDev
  1\. fe80::8a43:e1ff:fea4:4ff      0.0%    10    1.5   0.7   0.5   1.5   0.3
  2\. Vlan479.esd1.mmu.nac.net      0.0%    10    2.2   2.2   0.6   7.0   2.3
  3\. Vlan805.tbr2.mmu.nac.net      0.0%    10    0.4   1.3   0.4   9.4   2.8
  4\. e1.2.tbr2.ewr.nac.net         0.0%    10    1.6   1.3   1.0   3.7   0.9
  5\. 10gigabitethernet4-2.core1.n  0.0%    10   10.9   2.9   1.6  10.9   2.9
  6\. 10gigabitethernet2-3.core1.a  0.0%    10    7.9  11.4   7.9  17.3   3.9
  7\. 2001:470:0:1bf::2             0.0%    10    7.9  11.4   7.9  42.3  10.8
  8\. ae2.bb01.iad1.tfbnw.net       0.0%    10    8.2   8.1   7.9   8.5   0.1
  9\. ae14.bb01.sjc1.tfbnw.net      0.0%    10   79.6  79.9  79.3  83.2   1.2
 10\. ae0.pr01.sjc1.tfbnw.net       0.0%    10   79.4  82.6  79.3 111.0  10.0
 11\. ???                          100.0    10    0.0   0.0   0.0   0.0   0.0

So don't try this at home. Yet.)

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct