Lets begin with what all we will be covering in this blog post.
We will be covering a lil bit of what is a reverse DNS entry and why do we need it.
We will then cover how to create a reverse DNS entry for two types of ipv6 entries:

1. A 6to4 ipv6 ip using our own dns server and a 6to4 nro delegation
2. A tunnel broker ipv6 entry using dns provided by he.net

The reverse DNS look up helps to resolve an ip into the respective host name. It is, like the name says, “reverse” of what the DNS normally do.

DNS is used to convert a human readable name like “hackalyst.info” into its corresponding ip.


host hackalyst.info
hackalyst.info has address 50.57.67.195


reverse DNS entry helps to resolve the ip into a hostname.

$ host 50.57.67.195
195.67.57.50.in-addr.arpa domain name pointer hackalyst.info.


Now, why is reverse DNS required?

One of the reasons nicely explained at godaddy is to fight spam.

Other than that, its always cool to have your ip map to your domain name

There are two ways of creating a reverse DNS entry for ipv6.
1) You can create your own DNS server, point your domain name provider to point to your additional DNS.
2) You can use a free dns service provided by dns.he.net

Lets first go through the first option which is slightly lengthier and more DYI and CLI friendly

The wikipedia entry on 6to4 pointed my towards 6to4.nro.net that can be used to create a revese DNS PTR for a 6to4 ip, i.e, an ipv6 starting with 2002:.

The 6to4.nro.net needs dns servers with zone for this reverse delegation. None of the dns servers I host with (domaincontrol.com through godaddy, stabletransit.com via rackspace and he.net) were accepted in 6to4 form. So I decided to setup my own DNS server.

First I setup the DNS name for my DNS (yeah, thats required!) at my existing dns provider.
I am setting up my dns on my own server, hence can simply create sub domains (I used dns1 and dns2 instead of traditional ns1 and ns2) pointing to my own domain. You can create such subdomains pointed to the actual hosts where you will be setting up your DNS. You can set it up on one host or on multiple hosts.

I setup my own DNS server using instructions from devshed forums. Its pretty old but still works.

At the end of configurating the dns server, I initially got an error saying:

_default/67.57.50.in-addr.arpa/IN: file not found


That was because the file name in the config and my actual file name were not the same. After I fixed this issue, still named would refuse to start without throwing any erorrs.

An inspection of /var/log/messages said something about unable to write to the log file.

Jun 24 11:58:22 deltacore named[31254]: the working directory is not writable
Jun 24 11:58:22 deltacore named[31254]: isc_stdio_open 'query.log' failed: permission denied
Jun 24 11:58:22 deltacore named[31254]: configuring logging: permission denied
Jun 24 11:58:22 deltacore named[31254]: loading configuration: permission denied


The way to fix was to change the ownership of the /var/named folder and /etc/named to named


#chown -R named:named /var/named /etc/named.conf


And then all was fine

After setting the above DNS server, I needed to add the PTR info for my ipv6.
I found http://www.fpsn.net/index.cgi?pg=tools&tool=ipv6-inaddr via searching and headed over to create my reverse PTR configuration for my own DNS.

In the form:
Record type : select ip6.arpa (new standard)
Assigned IPv6 Block: (your ipv6 block)
Admin email:
DNS Server: (DNS Created above)
Secondary server (DNS Created above)

Then it gives the configuration file which you can add to your named.conf and create the reverse zone file.
Like it says at the end of generated reverse zone file, you need to add the AAAA entry in your respective zone file.

After this, it was just playing around to add “my” DNS servers to my “Domain” NS entries with my service provider.
My primary DNS provider is godaddy. I just added my own DNS entries into the NS entry of my domain.

If you do not want to create your own DNS server (or cannot due to resource crunch), you can use freely available DNS servers from he.net.

For this second purpose, I am going to use both the 6to4 ip above tied with your domain and another ipv6 obtained through tunnelbroker.

DNS provided by he.net can be used for managing your domains and these are pretty good in terms of usability.
Add your domain to your dns.he.net account, create your A,AAAA and other entries.

For creating your reverse DNS entry, you need to create the PTR record. Its available under “Additional” menu in dns.he.net.
For finding out the value of your ipv6 PTR, head over to http://rdns6.com/ and enter your v6 ip. The nibble value is what basically goes into your PTR record. In dns.he.net, the above nibble would be added as Name in PTR entry and your domain name in the Hostname.

If you are using a tunnel broker ipv6, you can login to the dns.he.net using same credentials as your tunnelbroker and it would import and delegate the ipv6 provided to you to the he.net nameservers. (I might be wrong here as I ve been using dns.he.net for quite some time and do not remember the initial steps I took).

Once you ve assigned dns names to your ipv6 ips, you can go and assign those ips and respective domain in the dns.he.net. This creates the PTR record for those ipv6 pointing to your domain.

at the end of the day, this is what should be the result of a perfectly working PTR record.

$ host hackalyst.info
hackalyst.info has address 50.57.67.195
hackalyst.info has IPv6 address 2002:3239:43c3::1

$ host 2001:470:5:869:21e:c9ff:fe03:803b
b.3.0.8.3.0.e.f.f.f.9.c.e.1.2.0.9.6.8.0.5.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa domain name pointer hackalyst.homeunix.org.


So now you know how to create reverse DNS entry aka PTR for your ipv6

cheers!

hi,

Today we are going to discuss possible google tieups with local ISP’s to create caching layers in order to deliver better experience to high bandwidth customers.

I stumbled upon the same while browsing one of google’s pages which had an embedded youtube video. Initially it was very slow and I was quite surprised since I am on a 10mbps bandwidth connection and am usually able to stream even HD videos on youtube without any buffering delays. Then I realised that most probably I was going over the ipv6 network (and hence tunneling all the way to US and not getting local content) and hence the delay. I fired my wireshark and indeed I was going over the ipv6 network. I mulled over disabling the ipv6 in router and keeping it only in my dev box when I realised that I can simply disable ipv6 browsing in my firefox .

about:config -> network.dns.disableIPv6;true

And am done

After doing the above, I reloaded the earlier page with firebug enabled. The embedded video was now playing smoothly without any buffering delays. And then all of a sudden I saw this in the firebug network panel:

o-o.preferred.actbroadband-blr1.v3.lscache3.c.youtube.com

wait what?!
So google has a cache specifically for my ISP?! (I use ACT broadband).
Now that my curiosity was pipped, I decided to do a lil more digging.

[anshup@mouthwa ~]$ host o-o.preferred.actbroadband-blr1.v3.lscache3.c.youtube.com
o-o.preferred.actbroadband-blr1.v3.lscache3.c.youtube.com has address 202.83.22.14
o-o.preferred.actbroadband-blr1.v3.lscache3.c.youtube.com has IPv6 address 2404:6800:4007:2::e

Oh, so they ve also ipv6 enabled it, nice.

whois 202.83.22.14

descr: BroadBand Internet Service Provider, India
..
address: ACT Television
address: # 29/4, 4th Floor, Trade Center,
address: Race Course Road, Bangalore - 560 001


[anshup@mouthwa ~]$ whois 2404:6800:4007:2::e

inet6num: 2404:6800::/32
netname: GOOGLE_IPV6_AP-20080930
descr: Google IPv6 address block in AP
country: AU



Ah, so while the ipv4 cache was coming from my local ISP, the ipv6 cache was coming all the way from australia? So even though google might ve teamed up and linked a deal with local broadband providers, it still is some miles away in getting ipv6 cache to India? Or possibly because am on an ipv6 tunnel rather, it ended up using my tunnel endpoint as the preferred location rather than my original location.

The more interesting part is that Google has apparently created up local caches at ISP ends to help give better speed to the end user. I need to check it up on some other ISP s here in bangalore and then will update the results here.

cheers

It is possible to get ipv6 connection in India using tunneling (ipv6 over ipv4). There are multiple providers, but he.net is one of the simplest ones to use and setup. And its for free! You can set upto 5 tunnels with every free account. You’ll mostly need one or two maximum as each tunnel needs a valid ipv4 ip on your end.

To set a free tunnel, head over to the tunnel broker site of he.net.

Register a new account. After successful registration (and confirmation), login, click on “create a regular tunnel” under user functions, provide your ipv4 address and voila (usually its the same as “You are vieweing from” that is shown under the text box for “IPv4 endpoint (your side)” and you are ready to go!

If you want to use google services over ipv6, I suggest you use one of the US endpoints of the tunnel, as it looks like google has whitelisted the US endpoints. The Asian endpoints dont ve access to google and facebook over ipv6.

Once you ve created your tunnel, you need to setup your system. I ve tried it on linux, mac and airport extreme. The example configuration showed in the tunnel page (once created) works pretty well for all that I tried. Most of them need you to copy paste the commands given in a command line terminal.

Once you are done with all the above, comes the most important part. Adding the DNS! Even if you ve a fully functional tunnel, you wont be able to browse or use it unless you ve the DNS configured for ipv6.

In your version of OS, configure the DNS for he.net

2001:470:1f06:b8c::2


Check it up online how to configure a nameserver/dns for your OS.

If you ve a airtel connection, or other ISPs which result in you ving different ips, no worries. You can update your tunnel endpoint (i.e, your ip) in the tunnel configuration easily. Either using the web UI by logging into the tunnelbroker.net site, or using APIs available at http://ipv4.tunnelbroker.net/ipv4_end.php

Usage: https://ipv4.tunnelbroker.net/ipv4_end.php?ip=IPV4ADDR&pass=MD5PASS&apikey=USERID&tid=TUNNELID
-or-: https://USERNAME:PASSWORD@ipv4.tunnelbroker.net/ipv4_end.php?tid=TUNNELID (auto-detect IP)

https://USERNAME:PASSWORD@ipv4.tunnelbroker.net/ipv4_end.php?tid=TUNNELID&ip=IPV4ADDR

Let me know if you need more help with setting up your ipv6 tunnel!

My home network and my blog both are now on ipv6, thanks to the tunnels provided by he.net!