What's new

IPv6, DNS & Me

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

ChicagoJoe

New Around Here
I looked through about 10 pages after searching 'IPv6 DNS' and didn't find anything that came anywhere close.

So, quick background:
I'm not doing anything that I think is too bizarre [considering the audience here ;) ].
I've got an AC3200, a Synology DS215j, several Mac laptops, several iMacs, several Apple tablets and several Apple iPhones (what can I say, we like Apple.)
Everything is working well.

The DS215j server does TM backups, hosts email for my domain (Google provides outside DNS) and provides inside DNS.

I've got Comcast [ :| ] and static IPv4 address and an IPv6 address.
The AC3200 is picking up the IPv6 and passing it on the inside LAN.

Anything IPv4 is working fine.

The problem:
When the mobile devices are on the inside LAN, they CANNOT reach the mail server at mail.mydomain.com.
When the mobile devices are on LTE (AT&T or T-Mobile) they CAN reach the mail server.
All other computers on the inside LAN CAN reach the mail server.

Additional findings:
Since the only problem devices were mobile (iPhones, iPads) and I couldn't really see inside them (logging) to see what was happening, it was difficult to get more info. I did recall today that I have a DIG app on one of the iPhones, so I gave that a spin and compared the output:

From inside LAN
Shared from ISC Dig for iOS
; <<>> DiG 9.10.4 <<>> @2603:300a:xxxx:xxxx::1 @192.168.3.10 @208.67.222.222 mail.mydomain.com +sit +dnssec +noqr +multiline
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26486
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mydomain.com. IN A


;; Query time: 7 msec
;; SERVER: 2603:300a:xxxx:xxxx::1#53(2603:300a:xxxx:xxxx::1)
;; WHEN: Sun Oct 16 18:44:27 CDT 2016
;; MSG SIZE rcvd: 36

From AT&T LTE
Shared from ISC Dig for iOS
; <<>> DiG 9.10.4 <<>> @172.26.38.1 mail.mydomain.com +sit +dnssec +noqr +multiline
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26220
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;mail.mydomain.com. IN A

;; ANSWER SECTION:
mail.mydomain.com. 20 IN A 96.92.xxx.xxx


;; Query time: 112 msec
;; SERVER: 172.26.38.1#53(172.26.38.1)
;; WHEN: Sun Oct 16 18:44:55 CDT 2016
;; MSG SIZE rcvd: 63
and I can give an example of one that works in both locations for comparison:
From inside LAN
Shared from ISC Dig for iOS
; <<>> DiG 9.10.4 <<>> @2603:300a:xxxx:xxxx::1 @192.168.3.10 @208.67.222.222 www.snbforums.com +sit +dnssec +noqr +multiline
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14276
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.snbforums.com. IN A

;; ANSWER SECTION:
www.snbforums.com. 157 IN CNAME snbforums.com.
snbforums.com. 157 IN A 104.25.234.15
snbforums.com. 157 IN A 104.25.235.15


;; Query time: 953 msec
;; SERVER: 2603:300a:xxxx:xxxx::1#53(2603:300a:301:9cf0::1)
;; WHEN: Sun Oct 16 18:58:25 CDT 2016
;; MSG SIZE rcvd: 92

From AT&T LTE
Shared from ISC Dig for iOS
; <<>> DiG 9.10.4 <<>> @172.26.38.1 www.snbforums.com +sit +dnssec +noqr +multiline
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57328
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;www.snbforums.com. IN A

;; ANSWER SECTION:
www.snbforums.com. 300 IN CNAME snbforums.com.
snbforums.com. 300 IN A 104.25.235.15
snbforums.com. 300 IN A 104.25.234.15


;; Query time: 77 msec
;; SERVER: 172.26.38.1#53(172.26.38.1)
;; WHEN: Sun Oct 16 18:58:44 CDT 2016
;; MSG SIZE rcvd: 92

To me it looks like it's definitely something to do with the way Merlin is handling the IPv6 DNS query.
I tried changing the IPv6 DNS setting in Merlin (Connect to DNS Server automatically: DISABLE) & manual IPv6 DNS servers (the DS215j global IPv6 address & OpenDNS IPv6 address) and renewing the DHCP on the iPhone but it still points to the router IP (2603:300a:xxxx:xxxx::1).

Any suggestions about what to change or what else to look for in terms of collecting more data for further analysis?
 
Comcast IPv6 simply doesn't work right in my limited experience. I looked around the forum rather recently in fact for some troubleshooting on that only to find several instances of respected members saying versions of the same thing.

http://www.snbforums.com/threads/ipv6-not-working-ac5300.34871/#post-282431

For all the things I would love to blame Comcast for, I don't think this is something that is Comcast's fault. In fact, IPv6 is working fine with Comcast on my end: all the IPv6 tests (ipv6-test.com; ipv6now.com.au; various DIG tests come back fine) in fact I'm using only IPv6 to do this response (disabled IPv4 and checked with ifconfig).

Which reminds me: how to access the web interface when you're only using IPv6?

After going pure IPv6 on my iMac, I'm having DNS problems there too: manually configuring IPv6 DNS to point to the DS215j broke reachability to anything so looks like Synology's IPv6 support may need some work (either lacking or not easy to see.)
Looks like there's more work to be done at home to get IPv6 working all around.

So, between miscellaneous DNS issues on iOS devices and this Synology server, I'm just going to disable it all around until I can get it figured out.

Thanks for your suggestions.
 
For all the things I would love to blame Comcast for, I don't think this is something that is Comcast's fault. In fact, IPv6 is working fine with Comcast on my end: all the IPv6 tests (ipv6-test.com; ipv6now.com.au; various DIG tests come back fine) in fact I'm using only IPv6 to do this response (disabled IPv4 and checked with ifconfig).

Which reminds me: how to access the web interface when you're only using IPv6?

After going pure IPv6 on my iMac, I'm having DNS problems there too: manually configuring IPv6 DNS to point to the DS215j broke reachability to anything so looks like Synology's IPv6 support may need some work (either lacking or not easy to see.)
Looks like there's more work to be done at home to get IPv6 working all around.

So, between miscellaneous DNS issues on iOS devices and this Synology server, I'm just going to disable it all around until I can get it figured out.

Thanks for your suggestions.
Synology does have an awkward IPV6 implementation...
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top