PTR IPv6 setup

Discussion in 'Installation/Configuration' started by maxxer, Apr 2, 2015.

  1. maxxer

    maxxer Member

    I've set up my ISPConfig with my IPv6 zone, and looks ok compared to the documentations I found on Sixxs website. Given that, the DNS apparently refuses to reply to every request coming from outside the LAN. And not for only the reverse zone, for everything.

    For example if I try resolving from inside, using LAN IP, it replies correctly. If I do the same from outside I get nothing:
    $ dig
    ; <<>> DiG 9.9.5-4.3ubuntu0.2-Ubuntu <<>>
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 18410
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
    ; EDNS: version: 0, flags:; udp: 4096
    ;            IN    A
    ;; Query time: 88 msec
    ;; SERVER:
    ;; WHEN: Thu Apr 02 09:36:30 CEST 2015
    ;; MSG SIZE  rcvd: 42
    Is there any option I missed to enable resolve for outer requests? thanks
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    This has to be rejected as you try to do a recursal from the external IP and not from the local server. If you like to test name resolution for external domains, then you have to use this:

    dig @localhost

    If you want to test a zone that you host on the server, then run:

    dig @localhost

    and when this works you can try:

    dig @serverhostname
  3. maxxer

    maxxer Member

    The problem is that I just host IPv6 PTR for my zone on ISPConfig, so I have no other test to do other than this.
    DNS resolution from local lan works, even for external domains. But if I try to resolve the IPv6 zone or one of the ipv6 hosts configured in ispconfig it the result is "no servers could be reached".
    Now if I try resolving I get:
    from what I could understand this means ISPConfig's bind is returning a bad NS for the next step. but the line returning that error is the zone I configured in my server, so it should return "ok" or something like that.

    This is the output of the last lines of dig +trace
    Code: 172800 IN NS 172800 IN NS 172800 IN NS
    ;; Received 121 bytes from in 59 ms 14400 IN NS
    ;; Received 88 bytes from in 66 ms 10970 IN NS
    ;; Received 88 bytes from in 2 ms 10970 IN NS
    ;; Received 88 bytes from 2001:1418:100:321b::172#53(2001:1418:100:321b::172) in 2 ms
    Last edited: Apr 7, 2015

Share This Page