IPv6 rDNS PTR propagation

Kim Bjoern

New Member
Feb 26, 2020
Fellow home-lab nerds!

I recently got IPv6 on my fiber, and my ISP (kviknet.dk) provided a /48 prefix, and registered the PTR zone on the backbone pointing to nameservers in my registered domain.

$ dig 5.0.1.b. ns

; <<>> DiG 9.16.22-Debian <<>> 5.0.1.b. ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61788
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 512
;5.0.1.b. IN    NS

5.0.1.b. 21600    IN NS    ns1.opinion2.biz.
5.0.1.b. 21600    IN NS    ns1.ipv6.opinion2.biz.

;; Query time: 144 msec
;; WHEN: Thu Jan 20 10:21:03 CET 2022
;; MSG SIZE  rcvd: 114
My goal now is to skip the fixed public IPv4 address I also have (with a monthly fee), and after fiddling wit IP6, DNS, UDP, TCP, FWL etc. - I developed a bit of 20/20 OCD!

I configured a BIND service on a linux VM with zones on a number of VLANs, including the reverse zone.

Ive been beating a bunch of online DNS Lookup and propagation services, I got the he.net sage certification (still waiting for the t-shirt ;)), and lastly; checking client PTR with IPv6 test - IPv6/4 connectivity and speed test in quest of the holy 20/20! And succeeded - except:

Strangely enough, it appears as if the holy 20/20 is only achieved if the reverse IPv6 zone can be queried by IPv4 o_O
Can anyone confirm this??

Or is it because the ISP nameservers isn't fully up to IPv6 speed??

$ dig @2620:fe::fe -x 2a06:4004:b105:100::13 +trace


;; Received 451 bytes from in 16 ms 172800 IN    NS    ns1.kviknet.dk. 172800 IN    NS    ns2.kviknet.dk. 3600    IN    NSEC NS RRSIG NSEC 3600    IN    RRSIG    NSEC 13 10 3600 20220201103001 20220118090001 57223 0.a.2.ip6.arpa. KnMoer1nM72uvBi/Ydz78VG2sqCuZclCc6yIPIUiYSgFa+TNbQzcm6CY iJXJkOIPrrEz2+VQWpkLLLIvbURbgg==
;; Received 355 bytes from in 16 ms

5.0.1.b. 86400    IN NS    ns1.opinion2.biz.
5.0.1.b. 86400    IN NS    ns1.ipv6.opinion2.biz.
;; Received 154 bytes from in 12 ms 21600    IN PTR ns1.opinion2.biz.
5.0.1.b. 21600    IN NS    ns1.ipv6.opinion2.biz.
5.0.1.b. 21600    IN NS    ns1.opinion2.biz.
;; Received 224 bytes from 2a06:4004:b105:100::13#53(ns1.opinion2.biz) in 0 ms
Likewise, if I check propagation of IPv6 PTR records, I score 99% across the globe - as long as one of the nameservers has a valid A record. If both nameservers only respond to AAAA records, the "global propagation" is <10%

Is this to expect?? If so, there is a long way to IPv6 only

/Kim Bjoern, Denmark


New Member
Apr 30, 2021
:eek: is this as simple as: An authoritative name server cannot be IPv6 only..?
It's also a "problem" of AFI preference. I.e. which IP Family does the resolving server default to. IPv6 or IPv4. This might(!) be more prevalent if a remote resolver runs "older" resolver software + OS.