Monthly Archives: September 2011

how to get ipv6 connection in India

It is possible to get ipv6 connection in India using tunneling (ipv6 over ipv4). There are multiple providers, but he.net is one of the simplest ones to use and setup. And its for free! You can set upto 5 tunnels with every free account. You’ll mostly need one or two maximum as each tunnel needs a valid ipv4 ip on your end.

To set a free tunnel, head over to the tunnel broker site of he.net.

Register a new account. After successful registration (and confirmation), login, click on “create a regular tunnel” under user functions, provide your ipv4 address and voila (usually its the same as “You are vieweing from” that is shown under the text box for “IPv4 endpoint (your side)” and you are ready to go!

If you want to use google services over ipv6, I suggest you use one of the US endpoints of the tunnel, as it looks like google has whitelisted the US endpoints. The Asian endpoints dont ve access to google and facebook over ipv6.

Once you ve created your tunnel, you need to setup your system. I ve tried it on linux, mac and airport extreme. The example configuration showed in the tunnel page (once created) works pretty well for all that I tried. Most of them need you to copy paste the commands given in a command line terminal.

Once you are done with all the above, comes the most important part. Adding the DNS! Even if you ve a fully functional tunnel, you wont be able to browse or use it unless you ve the DNS configured for ipv6.

In your version of OS, configure the DNS for he.net

2001:470:1f06:b8c::2

Check it up online how to configure a nameserver/dns for your OS.

If you ve a airtel connection, or other ISPs which result in you ving different ips, no worries. You can update your tunnel endpoint (i.e, your ip) in the tunnel configuration easily. Either using the web UI by logging into the tunnelbroker.net site, or using APIs available at http://ipv4.tunnelbroker.net/ipv4_end.php

Usage: https://ipv4.tunnelbroker.net/ipv4_end.php?ip=IPV4ADDR&pass=MD5PASS&apikey=USERID&tid=TUNNELID
-or-: https://USERNAME:PASSWORD@ipv4.tunnelbroker.net/ipv4_end.php?tid=TUNNELID (auto-detect IP)

https://USERNAME:PASSWORD@ipv4.tunnelbroker.net/ipv4_end.php?tid=TUNNELID&ip=IPV4ADDR

Let me know if you need more help with setting up your ipv6 tunnel!

My home network and my blog both are now on ipv6, thanks to the tunnels provided by he.net!

how to add AAAA record (or ipv6 record) to your rackspace dns

UPDATE: Don’t bother setting it up if you are only using the rackspace cloud server. Their DNS doesn’t support ipv6 yet and apparently won’t propagate the AAAA records yet :! Thats kinda funny since they do have load balancer services on ipv6 now. Waiting on some response/confirmation from Waz mentioned in the post. I ve moved my DNS back to my domain registrator, GoDaddy.

I was earlier hosting with slicehost and their dns was a smooth drive when it came to adding any DNS entries.

I then moved to their parent company rackspace as they had cheaper plans. Slicehost was slated to move to same plans but some time down the year.

Anyways, after I moved to rackspace, I decided to add the IPv6 domain back to my server. In slicehost it was pretty simple, but in rackspace, oh no!

The rackspace DNS is still in primitive era. Recently they have announced overhaul of their entire DNS but its yet stuck in the last mile deliverable, i.e, a working GUI.

Add to that, their “beta” API docs (I didn’t know for a while what’s in beta, the API or the docs :P ).

Anyways, my first attempt to use the GUI was faced with continuous failure :!

rackspaceAAAAfailure

After a quick chat with their customer care, I was pointed to their DNS API. Apparently AAAA support is not in GUI yet.

Ok, now lets give it a try.

Documentation is always a pain, but I guess when your moolah depends upon that, it should be better. Now I am usually pretty good at RTFM, but this time it was simply not happening. Rackspace needs to spruce up that documentation a lot!

Anyways, now that we are done with a rather length prelude to the actual subject, lets get on the real topic. How to add a AAAA
record to your rackspace in case the GUI is failing.

First, you’ll need a firefox plugin called restclient. That’s cause the return error messages from rackspace are quite uninformative and it becomes difficult to change your curl command or php script based on a vague 403 or a 500.

First step:

Get your rackspace API Key.
For this, you first need to login to your rackspace account and get the API key. Its located under “Your account” section

Click on Show Key to show your key. Or you can generate a new API key on that page using Generate new key.

Second step:
Get an authetication token.
Now getting the API key is half the part of getting your authentication token. Your API key is not your authentication token.
You use the API key to generate your Authentication token using the rackspace REST webservices.

The Rackspace authentication webservices accepts the parameters using headers only. And sends the output also in headers.

Before we get the token, you need to findout if you are a US user or a UK user :!

quoting the API doc

To access the Authentication Service, you must know whether your account is US-based or UK-based:

US-based accounts authenticate through https://auth.api.rackspacecloud.com/v1.0.

UK-based accounts authenticate through https://lon.auth.api.rackspacecloud.com/v1.0.

Your account may be based in either the US or the UK; this is not determined by your physical location but by the location of the Rackspace retail site which was used to create your account:

If your account was created via http://www.rackspacecloud.com, it is a US-based account.

If your account was created via http:/www.rackspace.co.uk, it is a UK-based account.

Once you ve found your endpoint, (mine is US), you can start to get your Auth token.

A simple way for those familiar with command line is to use curl:

curl -I -H 'X-Auth-User:yourRackspaceLogin' -H 'X-Auth-Key:YOUR-API-KEY-HERE' 'https://auth.api.rackspacecloud.com/v1.0'

If you are a UK customer, the respective DNS API endpoint for UK is:

https://lon.dns.api.rackspacecloud.com/v1.0/


Or for those not aware of it, you can use the firefox plugin we installed earlier.

Open the plugin from the tools menu under firefox. I am on mac. So choose the respective menu for your platform.

Select the RestClient.

Select GET method. Put the url as your endpoint that you found above. Click on Add Header

Name – X-Auth-User
Value – yourRackspaceLogin

Add another header
Name – X-Auth-Key
Value – YOUR-API-KEY

After adding these two header, hit send, and if all goes fine, you should get a green (204) response.

A http 204 response means that the server successfully processed the request, but is not returning any content. Like I said earlier, this part of transaction, i.e, getting the auth token is done entirely using headers only.

The output for curl method would be something like this:

HTTP/1.1 204 No Content
Server: Apache/2.2.13 (Red Hat)
vary: X-Auth-Token,X-Auth-Key,X-Storage-User,X-Storage-Pass
X-Storage-Url: https://storage101.ord1.clouddrive.com/v1/MossoCloudFS_s0m34rb17v4lu3
Cache-Control: s-maxage=17404
Content-Type: text/xml
Date: Sun, 25 Sep 2011 04:14:17 GMT
X-Auth-Token: THIS-IS-YOUR-AUTH-TOKEN
X-Server-Management-Url: https://servers.api.rackspacecloud.com/v1.0/588177
X-Storage-Token: THIS-IS-YOUR-AUTH-TOKEN
Connection: Keep-Alive
X-CDN-Management-Url: https://cdn2.clouddrive.com/v1/MossoCloudFS_s0m34rb17v4lu3

The value for both X-Auth-Token and X-Storage-Token are same, so nothing to worry about about duplicates.

Notice the “588177” in the X-Server-Managerment-Url above. Make a note of your corresponding value. This is your server id that you’ll need in further DNS API calls as well. We will call it YOUR_SERVER_ID for the purpose of rest of this blog.

Third Step:
Get the Domain ID

Now we need to get the Domain ID of your domain tied to your server. I had two domains listed with my server. You can have one or multiple such domains listed with your server.

The curl command would be:

curl -H 'X-Auth-Token:YOUR-AUTH-TOKEN' 'https://dns.api.rackspacecloud.com/v1.0/YOUR_SERVER_ID/domains/'

Output is something like:

{"domains":[{"name":"anshprat.info","id":2791520,"accountId":588177,"updated":"2011-05-17T13:14:33.000+0000",
"created":"2011-05-17T13:08:13.000+0000"},{"name":"hackalyst.info","id":2791406,"accountId":588177,"updated":"2011-09-24T14:57:39.000+0000",
"created":"2011-05-17T10:10:57.000+0000"}],"totalEntries":2}

You can do the same using the RestClient. Find the url in the curl command above , and change the header to that under -H.

The “id” part in the output is the one that we need. We will call it YOUR_DOMAIN_ID for the purpose of rest of this blog.

Once you ve the id, you are ready to create the records. This is the place where I used RestClient the most. As the curl errors were random and so not descriptive. Ranging from

Warning: You can only select one HTTP request!

which I think was some issue with the curl format of payload or combination of options to the usual 500 :!

Fourth and Final step:

Lets create the AAAA DNS record!

Ok, so to create the records, the required info can be put using XML or JSON. I used JSON.

The url is

https://dns.api.rackspacecloud.com/v1.0/YOUR_ACCOUNT_ID/domains/YOUR_DOMAIN_ID/records

change the format to POST.

And to add a AAAA record, create a JSON payload like this:

{
"records" : [ { "name" : "ipv6.hackalyst.info", "type" : "AAAA", "data" : "2001:470:1f06:b8c::2"
}, { "name" : "ipv6.hackalyst.info", "type" : "NS", "data" : "dns1.stabletransit.com", "ttl" : 3600
}, { "name" : "ipv6.hackalyst.info", "type" : "NS", "data" : "dns2.stabletransit.com", "ttl" : 3600
}]
}

Change the ipv6.hackalyst.info with your domain/subdomain requirements and the data to your required ipv6. Let the NS data as it is. (I assume you want to add it to your rackspace dns.)

Put the above JSON payload in the Request Body of the RestClient. I had removed the newlines in the actual JSON. Please put your entire JSON in a single line if you face any issues.

And click Send.

Hopefully you should get a GREEN 204 response. This is a asynchronous request to the DNS API. So you can check the status of your this request using the url:

https://dns.api.rackspacecloud.com/v1.0/YOUR_SERVER_ID/status

Remember, every call to the rackspace DNS API need to include the X-Auth-Token header.

Default output/input format is JSON. XML is also available. Please read up the Doc on how to get XML, I didn’t try it.

I hope this works for most of you who need it. Leave a comment if you face any issues. Would be great if someone can provide curl requests for delivering the JSON/XML payload in the POST request!

Before I end the post, I should mention my other attempts of getting the help from the rackspace guys.

I posted a pic to my twitpic account while I contacted the rackspace live chat for the first time. I had put this pic up there as a quick way of sharing it with the customer care person.

Couple of hours later, when I went back to twitter to complain about my failure to create the AAAA record, I found that @rackspace had replied with a support email address. twitter at rackspace dot com.

I immediately sent a mail to the aforesaid mail, to which I got a reply. I had already found the RestClient API and managed to get the records added. Had a pleasant conversation with “Waz”, a rackspace engineer or a racker! Raised a ticket about GUI visibility about visibility of the records added through API. Got the response that the AAAA and TXT records dont show up in the GUI yet. These will be visible when the new DNS GUI is generally available.

So overall, a pleasant experience. Looking forward to native ipv6 support soon!

The Scam that helped the people.

All the hullabaloo around the India’s 2G scam is something that I deeply detest. Am I the only one who sees the public benefit that happened due to spectrums being handed out for little to no license fees? Look at where India’s cellular penetration is. Look at the cellular tariff’s in India and compare it to the rest of the world. India now has the lowest tariff in the world. Could this ve happened had the spectrum’s being instead sold at exorbitant prices? Look where the 3G network infrastructure, penetration and the availability is today in India. Of course the government “earned” a lot of money from these 3G licenses (and in fact it were these 3G spectrum bids and final prices which brought the “apparent” 2G spectrum scam to forelight), but who is the ultimate loser in this game? Telco’s brought 3G licenses at the obscene prices only coz they were buoyant by the existing 2G environment. What they forgot was that the 2G era happened because of cheap licenses which left the telcos with enough money to spend on the infrastructure.

In my opinion, the guy who decided to sell the 3G license is the bigger culprit. Typical Indian style, milk the cow as much as you can. Infact this was worse than slaying the golden goose.

Just imagine the internet penetration that 3G would have brought to masses if these were easliy available. I remember the days when I was on dialup. I used to get 12-13kBps average, 40kBps peak. Today I ve a 5MBps connection and am in 99.1 percentile of the Indian population having high speed internet. The definition of broadband in India is pathetic. 256kBps is defined as Broadband by TRAI.

IMO, one of the best decisions that was made in the last decade was the free giveaway of the 2G spectrum. Money might have changed hands, and whats wrong is wrong, but not selling the 2G spectrum was definitely the best decision the silent PM agreed to.