dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1999
share rss forum feed


aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL

Way to test DNS servers for IPv6 with out web based UI?

I know of »test-ipv6.com/ and it tells me that

quote:
Your DNS server (possibly run by your ISP) appears to have no access to the IPv6 Internet, or is not configured to use it. This may in the future restrict your ability to reach IPv6-only sites.

but that is web based, and it takes time to re-configure my computer to use different DNS Server(s).

Is there a way to test DNS Servers to see if they talk IPv6 on a computer without going to a web page and loading the data?

Thank you.
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.

quesix

join:2005-12-19
Cary, IL

1 edit

1 recommendation

use command line nslookup to switch servers and test for "ds.v6ns.test-ipv6.com" record
in this test i tried 4 servers (windows 7 command line)

#1 Comcast secondary 75.75.76.76 (failed because I'm not using Comcast network)
#2 4.4.4.4 failed because not a valid dns server
#3 8.8.8.8 (Google), successful known good dns server with IPv6 access
#4 X.X.X.X (obfuscated) failed no IPv6 access from server

you want result #3

C:\Users\username.DOMAINNAME>nslookup
Default Server:  currentdns.server.com
Address:  X.X.X.X
 
> server 75.75.76.76
Default Server:  cdns02.comcast.net
Address:  75.75.76.76
 
> ds.v6ns.test-ipv6.com
Server:  cdns02.comcast.net
Address:  75.75.76.76
 
*** cdns02.comcast.net can't find ds.v6ns.test-ipv6.com: Query refused
> server 4.4.4.4
Default Server:  [4.4.4.4]
Address:  4.4.4.4
 
> ds.v6ns.test-ipv6.com
Server:  [4.4.4.4]
Address:  4.4.4.4
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to [4.4.4.4] timed-out
> server 8.8.8.8
DNS request timed out.
    timeout was 2 seconds.
Default Server:  [8.8.8.8]
Address:  8.8.8.8
 
> ds.v6ns.test-ipv6.com
Server:  [8.8.8.8]
Address:  8.8.8.8
 
Non-authoritative answer:
Name:    ds.v6ns.test-ipv6.com
Addresses:  2001:470:1:18::119
          216.218.228.119
 
> server X.X.X.X
Default Server:  hostname.domain.com
Address:  X.X.X.X
 
> ds.v6ns.test-ipv6.com
Server:  hostname.domain.com
Address:  X.X.X.X
 
*** hostname.domain.com can't find ds.v6ns.test-ipv6.com: Server failed
>
 

P.S. we are still MANY YEARS/EVEN WHOLE DECADE off from this being a problem for most people. I'd guess 7 years at least...easily as high as 15 years before it will be an issue for general internet users.


aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL

Interesting, but I have to ask.

Does one need to have IPv6 in order to see if the DNS Supports IPv6?

user-name@pc-name:~$ nslookup ds.v6ns.test-ipv6.com 8.8.8.8
Server:8.8.8.8
Address:8.8.8.8#53
 
Non-authoritative answer:
Name:ds.v6ns.test-ipv6.com
Address: 216.218.228.119
 
user-name@pc-name:~$ nslookup test-ipv6.com 8.8.8.8
Server:8.8.8.8
Address:8.8.8.8#53
 
Non-authoritative answer:
Name:test-ipv6.com
Address: 216.218.228.119
 
user-name@pc-name:~$ 
 

If so, is there a way not to have IPv6 and test the DNS server(s)?

Thank you

--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2

1 recommendation

You need to be running an IPv6 stack to be able to answer IPv6 questions.



aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL

said by graysonf:

You need to be running an IPv6 stack to be able to answer IPv6 questions.

Unless I am missing something: I am, I just do not have IPv6 for the WAN..

As shown in this screen shot




Thank you
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2

1 recommendation

You have no IPv6 WAN address, and no routable IPv6 LAN address either. The fe80 IPv6 address is a link local address and there is no point in obscuring it.



aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL
reply to graysonf

said by graysonf:

You need to be running an IPv6 stack to be able to answer IPv6 questions.

said by graysonf:

You have no ipv6 WAN address, and no routable ipv6 LAN address either...

Oh, ok.

But something to me, does not make sense.

When I see the text that says

quote:
Your DNS server (possibly run by your ISP) appears to have no access to the ipv6 Internet, or is not configured to use it. This may in the future restrict your ability to reach ipv6-only sites.

and I click on more info next to that info it tells me back that

quote:
If this test succeeds: it means that your DNS resolver is fully capable of reaching IPv6 DNS servers. This means that the operator of that DNS server has IPv6 within their network. If they do not already offer you IPv6, this may be a sign that they are actively working on trying to make it possible.

I am must be missing something.

You are telling me that without IPv6 I can not test the DNS server to see if it supports IPv6 and yet the web page tells me that if I do not have IPv6 yet and the DNS Servers support IPv6, my ISP is working on deploying IPv6.

Please clarify what is going on.

Thank you.
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.

quesix

join:2005-12-19
Cary, IL

1 recommendation

reply to aefstoggaflm

Your provider is not yet supporting IPv6 based on everything I've seen. SO you score 0/10 for readiness.. this doesn't mean you did anything wrong... nor does it mean your equipment is or is not ready for Verizon's later deployment of IPv6. Since you have no support by Verizon all you can do is check manually that your PC and router are ready, given the fe80 address your PC is likely ready to go, and you only need check your router/firewall. If provided by Verizon they will likely take care of needed upgrade. I will be at least another 7 years before if makes much difference to typical internet user.

p.s. your test using 8.8.8.8 was a success technically even though it gave IPv4 response, because that test is that your dns server 8.8.8.8 can reach an IPv6 only dns server to get AN answer. which was test you asked about at top of thread but given your connection fails the other 9 tests as well i wouldn't worry about it, as that's 15 years off before it matters for typical user.



rchandra
Stargate Universe fan
Premium
join:2000-11-09
14225-2105

1 recommendation

reply to graysonf

Opinions vary on that. Some people think/feel that since MAC addresses are globally/universally unique, and LL addresses are based on MAC addresses, posting them publicly represents unwarranted information disclosure. I can't fathom why it really makes a difference, so I don't feel so squeamish about posting those though.
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.

Jeopardy! replies and randomcaps REALLY suck!



rchandra
Stargate Universe fan
Premium
join:2000-11-09
14225-2105
reply to aefstoggaflm

Read the description carefully. It means for some specific query, IPv6 was not used to fetch it. Provided your recursive resolver is distinct from the system testing this, it does not matter how your system testing this contacts the recursive resolver. It could very well request an A record, a CNAME record, an SOA record, an NS record, or even an AAAA record (the query type doesn't matter) via IPv4, and for the test to succeed the recursive resolver would have to employ IPv6 to fetch whatever record was requested. Unless the system testing this is also the recursive resolver, it does not matter whether the query is made over IPv4 or IPv6; all that matters is the recursive resolver has access to the IPv6 Internet.

The key to testing this independently is to know some name whose serving nameserver is NOT reachable via IPv4. As quesix See Profile relates, ds.v6ns.test-ipv6.com is one such name, as the nameserver(s) listed for v6ns.test-ipv6.com is v6ns1.test-ipv6.com, and v6ns1.test-ipv6.com resolves only to an AAAA address (but more importantly no A record exists for that nameserver name). ds.v6ns.test-ipv6.com resolves to an A record (216.218.228.119 at the time I'm writing this) or an AAAA record (2001:470:1:18::119), maybe more, I didn't try.

After that, it doesn't matter which widget performs the query. The ones I'm familiar with are the Linux implementations of host (my favorite), dig (a close second), and nslookup. The nslookup which comes with Windows could do just as well. The other variable would be which recursive resolver your widget queries. You could tell your widget which to use, or it could possibly use what your system testing this is configured to use. For example, dig -t a ds.v6ns.test-ipv6.com @8.8.8.8 (or indeeddig -t a ds.v6ns.test-ipv6.com @2001:4860:4860::8888 for that matter, if your IPv6 Internet connection is working properly) would pass this test as the Google Public DNS servers do have IPv6 connectivity. Whether the same query would succeed without the "@" qualifiers is another matter entirely. (So in case the reader does not know, the "@..." argument to dig tells dig which nameserver to query recursively for the answer.) Ideally, whichever nameservers are configured for your system do have access to the IPv6 Internet. As graysonf See Profile points out, you have not shown us anything which indicates you have an IPv6 Internet address, only a link-local address (all of those begin fe80). (emphasis on "Internet"...you have an IPv6 address, just not one routable on the IPv6 Internet.)

That's not usually a problem; it's possible for no charge to get an entire /64 network assignment from a tunnel broker, either Hurricane Electric or SixXS. I prefer HE because I found them first :-) and it doesn't require (or allow for that matter) any NAT. If you need for this to work behind NAT, you may find SixXS's AYIYA better. You can start getting used to working with IPv6 in a very practical sense if you set that up now (instead of waiting for your ISP's implementation).

Now, reading your question carefully, I don't know what "DNS Servers" is, so I can't tell you because I don't know what entity that is. Capitalizing "Servers" makes it a proper noun, and I've never heard of it/them. All I'm asking is that you please think carefully before randomly capitalizing something you write so that we readers don't have to guess what you meant, such as if you really meant "...DNS servers...".

--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.

Jeopardy! replies and randomcaps REALLY suck!



aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL
reply to aefstoggaflm

For example using »www.grc.com/dns/benchmark.htm I, believe, I can test if up to 50 DNS Servers to see:

a) If they reply to me.

and then

b) If they have DNSSEC.

Without testing how fast they are, unless I want to.

Is there something like that, that can test for IPv6 (not limited to only one DNS Server)?

Thank you
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.



aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL

said by aefstoggaflm:

For example using »www.grc.com/dns/benchmark.htm I, believe, I can test if up to 50 DNS Servers to see..

No one knows of any Or what I ask is not possible?

Thank you
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.

quesix

join:2005-12-19
Cary, IL
reply to aefstoggaflm

nope, I don't think there is one available at this time. You would have to use the above concepts to write the program yourself.



aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL
reply to aefstoggaflm

I turned on IPv6 in my router and while I have IPv6 (for example 6to4), that web page still says

quote:
Your DNS server (possibly run by your ISP) appears to have no access to the IPv6 Internet, or is not configured to use it. This may in the future restrict your ability to reach IPv6-only sites


Which to me means, there is something else going on. This thread now can be locked, because what I want to do continues at »Test DNS servers 4 IPv6 w/o configuring computer 2 use them?
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.


timcuth
Braves Fan
Premium
join:2000-09-18
Pelham, AL
reply to aefstoggaflm

If no one has said it yet, just use the "dig aaaa" command.

Tim