I have to use this ½¬#6 piece of ł@#¼ too. (compared to the old stick, I now have to run a windows VM for this, explains my slight anger?)
I think my VM is joined to my domaincontroller on a 2012 (without R2), which has a global v6 IP address. and that one is also the DNS And the banking works, just loves to keep showing 404 errors all over when the session expires Silvan ----- Ursprüngliche Mail ----- Von: "Benoit Panizzon" <benoit.paniz...@imp.ch> An: swinog@lists.swinog.ch Gesendet: Dienstag, 9. August 2016 13:47:58 Betreff: [swinog] 'known' DNS Problems with Migros Banking App? Hello One customer contacted us, because the Migros Banking App does not work from within our network and asked me to contact the Migros NOC to find out what we should change to make it work. From the Migros NOC I got the feedback, that this is an issue they observed with customers whose ISP have IPv6 enabled DNS Server. They recommend that either the ISP disables IPv6 on the nameservers, or that the customers uses a different ISP, for example via Mobile Phone Hotspot to use their Banking app. Apparently UPC Cablecom is another ISP with the same issue and cablecom is able to resolve the issue by disabling IPv6 for the affected customers. I am a bit puzzled. I first suspected a DNSSEC issue as our servers do validate DNSSEC. But this does not seem to be the case. I can resolve the hostnames without any problems via our DNS Servers. Our DNS Servers are IPv6 enabled. When another DNS Server has an IPv6 address, they will prefer IPv6. But our customer does not get an IPv6 address. So his local resolver does only know the IPv4 address of our DNS Servers. The Migros DNS Servers do not publish an IPv6 address. So how is IPv6 involved in this issue? The Domain in Question: mbmid.ch is: mbmid.ch. 241 IN NS ns1.datacenter-migros.ch. mbmid.ch. 241 IN NS migze104.migros.ch. mbmid.ch. 241 IN NS migze100.migros.ch. ns1.datacenter-migros.ch. 146 IN A 164.14.130.66 migze100.migros.ch. 3222 IN A 146.67.146.20 migze104.migros.ch. 3222 IN A 193.8.177.201 They are not DNSSEC Signed. The only issue I found is that ns1.datacenter-migros.ch is not published in the registrar glue record, but this also would not lead to a failure to resolve the hostname. Has anyone else come across that issue and could give me a hint where to further investigate? -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________ _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
