Fellow home-lab nerds!
I recently got IPv6 on my fiber, and my ISP (kviknet.dk) provided a /48 prefix, and registered the PTR zone on the backbone pointing to nameservers in my registered domain.
My goal now is to skip the fixed public IPv4 address I also have (with a monthly fee), and after fiddling wit IP6, DNS, UDP, TCP, FWL etc. - I developed a bit of 20/20 OCD!
I configured a BIND service on a linux VM with zones on a number of VLANs, including the reverse zone.
Ive been beating a bunch of online DNS Lookup and propagation services, I got the he.net sage certification (still waiting for the t-shirt ), and lastly; checking client PTR with IPv6 test - IPv6/4 connectivity and speed test in quest of the holy 20/20! And succeeded - except:
Strangely enough, it appears as if the holy 20/20 is only achieved if the reverse IPv6 zone can be queried by IPv4
Can anyone confirm this??
Or is it because the ISP nameservers isn't fully up to IPv6 speed??
Likewise, if I check propagation of IPv6 PTR records, I score 99% across the globe - as long as one of the nameservers has a valid A record. If both nameservers only respond to AAAA records, the "global propagation" is <10%
Is this to expect?? If so, there is a long way to IPv6 only
/Kim Bjoern, Denmark
I recently got IPv6 on my fiber, and my ISP (kviknet.dk) provided a /48 prefix, and registered the PTR zone on the backbone pointing to nameservers in my registered domain.
Code:
$ dig 5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa ns
; <<>> DiG 9.16.22-Debian <<>> 5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61788
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa. IN NS
;; ANSWER SECTION:
5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa. 21600 IN NS ns1.opinion2.biz.
5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa. 21600 IN NS ns1.ipv6.opinion2.biz.
;; Query time: 144 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Jan 20 10:21:03 CET 2022
;; MSG SIZE rcvd: 114
I configured a BIND service on a linux VM with zones on a number of VLANs, including the reverse zone.
Ive been beating a bunch of online DNS Lookup and propagation services, I got the he.net sage certification (still waiting for the t-shirt ), and lastly; checking client PTR with IPv6 test - IPv6/4 connectivity and speed test in quest of the holy 20/20! And succeeded - except:
Strangely enough, it appears as if the holy 20/20 is only achieved if the reverse IPv6 zone can be queried by IPv4
Can anyone confirm this??
Or is it because the ISP nameservers isn't fully up to IPv6 speed??
Code:
$ dig @2620:fe::fe -x 2a06:4004:b105:100::13 +trace
snip...
;; Received 451 bytes from 193.0.9.2#53(f.ip6-servers.arpa) in 16 ms
4.0.0.4.6.0.a.2.ip6.arpa. 172800 IN NS ns1.kviknet.dk.
4.0.0.4.6.0.a.2.ip6.arpa. 172800 IN NS ns2.kviknet.dk.
4.0.0.4.6.0.a.2.ip6.arpa. 3600 IN NSEC 5.0.0.4.6.0.a.2.ip6.arpa. NS RRSIG NSEC
4.0.0.4.6.0.a.2.ip6.arpa. 3600 IN RRSIG NSEC 13 10 3600 20220201103001 20220118090001 57223 0.a.2.ip6.arpa. KnMoer1nM72uvBi/Ydz78VG2sqCuZclCc6yIPIUiYSgFa+TNbQzcm6CY iJXJkOIPrrEz2+VQWpkLLLIvbURbgg==
;; Received 355 bytes from 204.61.216.100#53(ns3.afrinic.net) in 16 ms
5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa. 86400 IN NS ns1.opinion2.biz.
5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa. 86400 IN NS ns1.ipv6.opinion2.biz.
;; Received 154 bytes from 185.107.12.58#53(ns1.kviknet.dk) in 12 ms
3.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa. 21600 IN PTR ns1.opinion2.biz.
5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa. 21600 IN NS ns1.ipv6.opinion2.biz.
5.0.1.b.4.0.0.4.6.0.a.2.ip6.arpa. 21600 IN NS ns1.opinion2.biz.
;; Received 224 bytes from 2a06:4004:b105:100::13#53(ns1.opinion2.biz) in 0 ms
Is this to expect?? If so, there is a long way to IPv6 only
/Kim Bjoern, Denmark