Help Needed with DNS and Reverse Zones
Hello World,
I need help with setting up
.arpa zones in cloudflare would it work if i use my own branded / personal assigned cloudflare name servers in rDNS Delegated to get access or to use cloudflare as parent name server of the .arpa or reverse zone
Thanks for Reading!!43 Replies
I already set it up
What do you mean your own branded/assigned? If you mean the business level feature which you have to contact support for, I don't see why not
no like default cloudflare nameservers
when i add a domain
the same 2 nameservers appear
Those aren't always the ones it uses
all the time
it'll pick others if there's any conflict or issue. If you try to preset them before you add the zone/domain in CF it'll also pick different ones. You always want to use the ones it gives you on zone creation
would setting them in rDNS Delegated NS Servers make them parent name server of the arpa zones
it'd make them authoritative. You can use CF for rDNS on any plan, I do for my IPv6 from RIPE.
whats "CF for rDNS"
whats "CF"
i am bad at short terms
Cloudflare
:9
oh
so
the hurricane electric
replied to me the
rDNS ns are updated like in the morning
so after that would my zones work in cloudflre
As long as you set them up right
you created it off the reverse and made ptr records?
looks sane
yes
those are reverse zones for the IPv6 Addresses
yea, as long as they're the right names should activate fine
Thanks for the help!
@Chaika heyyyyyy
its not working š¦
can you copy those two names to this chat so I don't have to transcribe them and mess it up?
1 sec
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa
and
b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa
.HE isn't pointing to your delegated nameservers
2001:470:d:50b::/64 -> b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa
2001:470:f05a::/48 -> a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa
dig a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa ns @1.1.1.1 ; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa ns @1.1.1.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57165 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. IN NS ;; ANSWER SECTION: a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns4.he.net. a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns1.he.net. a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns5.he.net. a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns3.he.net. a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns2.he.net. ;; Query time: 516 msec ;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP) ;; WHEN: Fri Nov 01 16:51:43 GMT 2024 ;; MSG SIZE rcvd: 157not sure I understand how their setup is supposed to work fully, but if it's supposed to be simple delegation of the /48 and /64 to your own ns, it's not
Lemme ask "HE", Hurricane Electric
Waiting for their reply
Just a question how do you obtain
ip6-servers.arpaSee RFC 5855
IETF Datatracker
RFC 5855: Nameservers for IPv4 and IPv6 Reverse Zones
This document specifies a stable naming scheme for the nameservers that serve the zones IN-ADDR.ARPA and IP6.ARPA in the DNS. These zones contain data that facilitate reverse mapping (address to name). This memo documents an Internet Best Current Practice.
dig a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa ns @1.1.1.1
; <<>> DiG 9.16.41 <<>> a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa ns @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29519
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. IN NS
;; ANSWER SECTION:
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns5.he.net.
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns4.he.net.
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns3.he.net.
;; Query time: 1284 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Sat Nov 02 03:11:38 +06 2024
;; MSG SIZE rcvd: 121
Checked rn the ns1 and ns2 are gone.
Also
Btw
There is a thing that I noticed
The arpa zones here work on DNS.he.net, they have a lock with the soa record and I can set ns records for the arpa zones
Problem is
When I set the ns records to cloudflare it just doesnt work lol
And rDNS Delegation isn't working probably
I sent them an email but it's da weekend
And idk but I waited 3 days in da past setting the cloudflare nameservers to the arpa zones but still didn't propagate/work
An update
see the service which gives the tunnel and sets the delegation is TB and the service which edits the dns records (same company) still has the arpa domains
without delegation to HE
ok a hing happened
i created another he account with permission
i did the rDNS Delegation
IT WORKS
NOT ON MAIN ACCOUNT
BUT ON SECOND
lol
it didnt take 2 second
here a quote
"in dns either it works in 2 second or it doesnt"
guys i need serious help with cloudflre rn
so the current thing ios
is*
the thing is
for a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa cloudflare is telliung to set to:
luciane.ns.cloudflare.com
neil.ns.cloudflare.com
and for b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa its telling to set to:
colette.ns.cloudflare.com
vicky.ns.cloudflare.com
what do i do cause these two reverse zones are for same route of rDNS Delegation
I am back with Goooood news
@Chaika hey just help me with the domain starting from b.0.0.5.d.0.0.- not working
š
heyy
@Chaika what do i do?
.
;; QUESTION SECTION: ;b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. IN NS ;; AUTHORITY SECTION: b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS colette.ns.cloudflare.com. b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS vicky.ns.cloudflare.com. b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS luciane.ns.cloudflare.com. b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS neil.ns.cloudflare.com.can't have two sets, only 2 of those are right/should be kept. Also looks like you made that zone in CF with the wrong name, should be
b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa which is what HE DNS returns as well but you've got an extra zero after the b in your nameYeah probably lemme fix it
One is assigned luciane.ns.cloudflare.com and neil.ns.cloudflare.com and one is colette.ns.cloudflare.com and vicky.ns.cloudflare.com
what to do in this situtation
hmm
what should i do
you mean make one pair for example
1st pair:
luciane.ns.cloudflare.com.
neil.ns.cloudflare.com.
2nd pair:
colette.ns.cloudflare.com.
vicky.ns.cloudflare.com.
you mean use a pair like:
luciane.ns.cloudflare.com
colette.ns.cloudflare.com
??
Gm
No, you just use the pair it tells you to
Doesn't matter. You just use the nameservers it tells you to for each domain. so for b.0.5, collete and vicky
Problem is the ipv6 rDNS Delegation name servers are paired
/64 and /48 will have the same rDNS nameserver
@Chaika Thanks you very very very much for your help
tbh the issue is simply when i added the nameservers to the rDNS Delegation before cloudflare had show the NS to add they change the ns
the rDNS Delegation is Paired
for example
2001:470:b:157::/64
and
2001:470:e940::/48
have to have the same rDNS delegation you cant seperate
Here for example i own nameservers we assume: a.net and b.net:
i will definitely try to get ip6-servers.arpa
does CNAMEing work with Nameservers of cloudflare for example
somethingexample.com -> cname: personalnameservername.ns.cloudflare.com
then i set somethingexample.com as nameserver to the domain i want nameserver as