2

I'm attempting to serve a website from a machine that only has an IPv6 address. I have purchased a domain name and changed the AAAA record of the DNS resource record to my IPv6 address, and have verified that this change has been updated using nslookup --query=AAAA example.com. However, when I navigate to my page, it resolves to the default site provided by my domain registrar, which is hosted at the IPv4 address in the A record.

In addition, I've tried to set the A record to an invalid IPv4 address, but no dice.

How can I force the use of the IPv6 address?

Community
  • 1
user14717
  • 123
  • 1
  • 5
  • Wait, there's an `A` record pointing somewhere useless (or more ideally, no A record at all) and the registrar's still responding with an `A` record that points to their own systems? What's the nslookup show when querying for `A` (or better yet, `ANY`)? – Shane Madden Jun 12 '15 at 02:09
  • Right; `nslookup -query=A foo.com` gives the useless IPv4 address, `ping foo.com` gives the default IPv4 address of the registrar. `nslookup -query=ANY` gives expected results. – user14717 Jun 12 '15 at 02:13
  • There shouldn't be any way for your browser to load a page belonging to the registrar, then, since they'd need to point to it with an `A` or `CNAME` record. What's your browser's developer tools say about what remote server address it's contacting? – Shane Madden Jun 12 '15 at 02:14
  • I tried it on Chrome and Safari, both got pointed to the default registrar page. Is there an app to display the remote server address in these browsers? – user14717 Jun 12 '15 at 02:20
  • I can't wrap my mind around why ping is going to a different address than nslookup. – user14717 Jun 12 '15 at 02:24
  • Nothing else in that `ANY` query than just the `A` and `AAAA`, right - no `CNAME`? Also, when did you make the change to the `A` and what's the TTL - could be caching? – Shane Madden Jun 12 '15 at 02:25
  • No CNAME in in the `ANY` query but the mail exchanger is still run by the registrar; TTL is 3600, so presumably this could be caching (it's been ~30 min, my bad!) – user14717 Jun 12 '15 at 02:29
  • Ok! Well then let's give it some time for caches to clear - unless something crazy is going on, this should work as you want (and ping and nslookup should return the same thing) once that happens. – Shane Madden Jun 12 '15 at 02:41
  • 2
    If it's IPv6-only, make sure you don't have an A record, not even a "fake" one. – Michael Hampton Jun 12 '15 at 02:43
  • 2
    @MichaelHampton: I'm using 1and1.com; there is no option to delete the A record, and if you leave it null it comes back to the default IPv4 address. . . – user14717 Jun 12 '15 at 02:55
  • 2
    Well then, that's a great argument for hosting your DNS elsewhere. :) And probably everything else; I've never heard a good word about 1and1. – Michael Hampton Jun 12 '15 at 02:59
  • @MichaelHampton: Thanks for the tip. I used them because I know nothing about hosting, and they only put me out $1. I'll google around for a better registrar. – user14717 Jun 12 '15 at 03:02
  • Namecheap will give you _free_ DNS hosting and you don't even have to transfer your domain or anything else. And it's reliable enough. – Michael Hampton Jun 12 '15 at 03:17
  • I have an IPv4 [address](http://v4-frontend.netiter.com/) you can use if you want to. But I agree with Michael that you shouldn't be using a DNS provider who inserts their own IPv4 address on every domain where no A record was specified. – kasperd Jun 12 '15 at 06:44

1 Answers1

5

If you want to force all users accessing a domain to do so over IPv6 rather than IPv4, the correct way to do so is to simply not publish any A record.

From the additional information provided in the comments I understand that your current DNS hosting provider does not support a correct configuration. That means you'll have to switch to another DNS hosting provider.

If for some reason you want to stay with the current provider, there is another way to force clients to use IPv6 even when there is an A record. You can point the A record to an IPv4 address which responds with a TCP RST packet to every connection attempt. Most clients with IPv6 access will switch to IPv6 if they get a RST over IPv4.

But don't just point your A record to some random IPv4 address which happens to be responding with RST at the moment. You need to ensure that you have an agreement with whoever is responsible for the host on the IPv4 address you point to, before you start using it.

kasperd
  • 30,455
  • 17
  • 76
  • 124