3

in order to APPLE , after 1 June all applications must support the ipv6 so i need to reconfigure my ios app. So i create a local network with ipv6. My topology is below. i configured bind 9.8 on centos A and AAAA record and PTR record.

i can query all domains on local (::1) with ipv6 like below but if other devices write dns query ip to IPV6 , it gets timeout. So requests listened with tshark and i saw that ICMPV6 cant reachable. i can ping all local IPV6 and can traceroute them.i thought it is about firewall and closed it but there is no change.

if nslookup server is configured with ipv4 , dns query can response A and AAAA results.

in named.conf , allow-query option is any and i get tutorial from [here]: http:// seoroot.com/blog/computing/systems-administration/setup-dns-server-for-ipv6-and-ipv4-queries-using-bind9-in-centos-linux.html

Here is problem that why dns query result cannot go destination , even if can ping or traceroute.

Thanks for helps and response.

named.conf:

options { listen-on port 53 {any;};
listen-on-v6 port 53 {any;};
directory   "/var/named";
dump-file   "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query     { any; };
recursion yes;
allow-update { none; };
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
 severity dynamic;
};
};

zone "." IN {
type hint;
file "named.ca";
};

zone "example.com.tr" IN {
type master;
file "/etc/named/example.com.tr";
allow-query {any;};
allow-update {none;};
};
zone "3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.b.3.b.c.3.2.c.1.6.d.f.ip6.arpa" { 
type master; 
file "/etc/named/tersdns";
}; 

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

example.com.tr : 

$TTL 1200
example.com.tr. IN  SOA ns1.example.com.tr mail@example.com.tr. (
        2012090808
        1200
        1200
        2149200
        3600 )

@   IN AAAA fd61:c23c:b3b6::3
@       IN NS ns1.example.com.tr.

; A Records
ns1.example.com.tr. IN  A   192.168.2.101
ns2.example.com.tr. IN  A   192.168.2.101
mail.example.com.tr.    IN  A   192.168.2.101
sip.example.com.tr. IN  A   192.168.2.101
test.example.com.tr.      IN      A       192.168.2.102

; AAAA Records
ns1     IN AAAA fd61:c23c:b3b6::3
ns2     IN AAAA fd61:c23c:b3b6::3
mail    IN AAAA fd61:c23c:b3b6::1
sip IN AAAA fd61:c23c:b3b6::3
test    IN AAAA fd61:c23c:b3b6::1

reversdnszone:

; Zone file built with the IPv6 Reverse DNS zone builder
; http : / / rdns6 .com/

$TTL    1h
$ORIGIN         3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.b.3.b.c.3.2.c.1.6.d.f.ip6.arpa.
@           IN SOA  ns1.example.com.tr root.example.com.tr. (
            2012122101; serial
            24h; refresh
            2h; retry
            1000h; expire
            2d; minimum
            ) 

    IN  NS  ns1.example.com.tr.

3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.b.3.b.c.3.2.c.1.6.d.f.ip6.arpa.   IN PTR ns1.example.com.tr

Topology : enter image description here Localhost DNS QUERY : enter image description here DNSquery cannot response: enter image description here

Yasin Caner
  • 46
  • 1
  • 4
  • For your immediate problem, it appears that your DNS server is firewalled. For your iOS app, you should [set up a NAT64 test network on a Mac in accordance with Apple's recommendations](https://developer.apple.com/library/mac/documentation/NetworkingInternetWeb/Conceptual/NetworkingOverview/UnderstandingandPreparingfortheIPv6Transition/UnderstandingandPreparingfortheIPv6Transition.html#//apple_ref/doc/uid/TP40010220-CH213-SW16). – Michael Hampton Aug 18 '16 at 18:23
  • Hello, thanks for reply. i will put a switch instead of tp link modem and i will try. – Yasin Caner Aug 19 '16 at 06:09
  • After removing tp link modem and putting a switch , dns query works fine. tp link has a firewall about it in my view. – Yasin Caner Aug 19 '16 at 08:44

0 Answers0