I see A and AAAA requests for for "ds.test-ipv6.com" that fail.
On Mon, Apr 28, 2014 at 11:37 AM, Dave Taht <dave.t...@gmail.com> wrote: > I have put a link up to two of jim's captures going to test-ipv6 via cero, > one with dnssec enabled, captured at the local laptop > > http://snapon.lab.bufferbloat.net/~cero2/baddns/ > > definately a lot of missing responses when captured at this end. the local > laptop is using a local dnsmasq forwarder. > > It is falling back to trying a recursive lookup on the default domain ( > ipv6.test-ipv6.com.home.lan ) - which it does do a nxdomain for > immediately... > > > > On Mon, Apr 28, 2014 at 10:03 AM, Dave Taht <dave.t...@gmail.com> wrote: > >> >> >> >> On Mon, Apr 28, 2014 at 9:55 AM, Jim Gettys <j...@freedesktop.org> wrote: >> >>> Comcast recently lit up IPv6 native dual stack in the Boston area. >>> >>> The http://test-ipv6.com/ web site complains about DNS problems unless >>> dnssec is disabled; if it is, I get various timeouts. >>> >>> >>> >> Test with IPv4 DNS record >>> ok (4.196s) >>> Test with IPv6 DNS record >>> ok (0.115s) using ipv6 >>> Test with Dual Stack DNS record >>> timeout (11.882s) >>> >> >> I don't know what this test does. try a local query over ipv6? >> >> Test for Dual Stack DNS and large packet >>> timeout (11.817s) >>> Test IPv4 without DNS >>> ok (0.214s) using ipv4 >>> Test IPv6 without DNS >>> ok (0.204s) using ipv6 >>> Test IPv6 large packet >>> ok (0.120s) using ipv6 >>> Test if your ISP's DNS server uses IPv6 >>> slow (8.752s) >>> Find IPv4 Service Provider >>> timeout (11.968s) >>> Find IPv6 Service Provider >>> ok (0.126s) using ipv6 ASN 7922 >>> Test for buggy DNS >>> undefined (5.003s) >>> >>> DNS server addresses look reasonable for Comcast. >>> DNS 1: 75.75.75.75 >>> DNS 2: 75.75.76.76 >>> >> >> To try to isolate things a little bit, you can turn off fetching ipv4 >> dns servers >> with >> >> option peerdns '0' >> >> in the wan (ge00) stanza of /etc/config/network >> >> and let the wan6 stanza fetch them. >> >> A packet capture of it working vs not working would be good. >> >> tcpdump -i ge00 -w cap1.cap port 53 >> >> Also capture on the local interface. >> >> DNS 1: 2001:558:feed::1 >>> DNS 2: 2001:558:feed::2 >>> >>> Today, the problem seems consistent with turning dnssec on and off on >>> the router. If enabled, I have problems; if disabled, I get a clean bill >>> of health out of test-ipv6.com. >>> - Jim >>> >>> >>> _______________________________________________ >>> Cerowrt-devel mailing list >>> cerowrt-de...@lists.bufferbloat.net >>> https://lists.bufferbloat.net/listinfo/cerowrt-devel >>> >>> >> >> >> -- >> Dave Täht >> >> NSFW: >> https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indecent.article >> > > > > -- > Dave Täht > > NSFW: > https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indecent.article > -- Dave Täht NSFW: https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indecent.article
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss