Forum Discussion

jcalhoun2's avatar
jcalhoun2
New Contributor

IPv6 DNS Non-authoritative answer

I support a large group of IT user who work remotely.  I came across an issue that caused me a bit of grief, and I though I would try and understand the why a little better.  We, like most companies, support a naming convention for our hosts and depend on internal DNS servers to connect us properly to the given system, but if are lazy and us the short name we get odd ip's returned.

Example say all my servers in location 1 start with rrr and are in somewhere.com.  Most user would know to use the FQDN, but I have one guy that just types in rrr . This problem came to my attention this week and I found the follow to be true.  If our primary DNS has no entry for rrr hist, the request seems to be answered by the COX IPv6 DNS at either 2001:578:3f::30 or 2001:578:3f:1::30 and the following is returned:

C:\Users\John>nslookup rrr 2001:578:3f::30
Server:  cdns1.cox.net
Address:  2001:578:3f::30

Non-authoritative answer:
Name:    rrr
Address:  92.242.140.2

This only happens on the COX IPv6 DNS and the COX IPv4 DNS just time out.  Now this address is not even close, and seems to be somewhere in Russia.  Can someone explain why this might be happening?

DNS IPv6 nslookup

4 Replies

Sort By
Most LikedOldestNewest
Replies have been turned off for this discussion
  • ChrisL's avatar
    ChrisL
    Former Moderator
    @jcalhoun2

    I'm not sure how you're setup but perhaps this article will help:

    http://www.cox.com/residential/support/internet/article.cox?articleId=e14ee070-6448-11df-ccef-000000000000

  • jcalhoun2's avatar
    jcalhoun2
    New Contributor

    Chris,

    I think I was initially set-up to obtain Automatically, so I was getting the settings from my router.  If I reconfigure my router to use the google public DNS for IPv4 and IPv6 I do not see the same response.

    Compounding the issue is that my users using their residential connections to corporate VPN do not have the necessary rights to update these settings.

    John

     

  • ChrisL's avatar
    ChrisL
    Former Moderator
    @jcalhoun2

    If they are using VPN connections and relying on internal DNS queries to function this procedure will need to be done for reach of your customers. As you've indicated they will need access to change DNS settings to accomplish this.

  • grymwulf's avatar
    grymwulf
    Contributor II

    It sounds like you need to change the global settings for your VPN client.  Check with the vendor for the VPN solution you use on how to either force specific DNS settings, or disallow bypassing the VPN for IPv6 dns queries.  This is a known vulnerability with IPv6 and certain VPN configurations:

    http://www.techrepublic.com/article/ipv6-security-vulnerability-pokes-holes-in-vpn-providers-claims/