#Help Needed with DNS and Reverse Zones

Hello World,
I need help with setting up .arpa zones in cloudflare would it work if i use my own branded / personal assigned cloudflare name servers in rDNS Delegated to get access or to use cloudflare as parent name server of the .arpa or reverse zone

Thanks for Reading!!

I already set it up

What do you mean your own branded/assigned? If you mean the business level feature which you have to contact support for, I don't see why not

no like default cloudflare nameservers

when i add a domain

the same 2 nameservers appear

Those aren't always the ones it uses

all the time

it'll pick others if there's any conflict or issue. If you try to preset them before you add the zone/domain in CF it'll also pick different ones. You always want to use the ones it gives you on zone creation

would setting them in rDNS Delegated NS Servers make them parent name server of the arpa zones

it'd make them authoritative. You can use CF for rDNS on any plan, I do for my IPv6 from RIPE.

whats "CF for rDNS"

whats "CF"

i am bad at short terms

Cloudflare

:9

oh

so

the hurricane electric

replied to me the

rDNS ns are updated like in the morning

so after that would my zones work in cloudflre

As long as you set them up right

you created it off the reverse and made ptr records?

looks sane

yes

those are reverse zones for the IPv6 Addresses

yea, as long as they're the right names should activate fine

Thanks for the help!

@rancid gull heyyyyyy

its not working 😦

can you copy those two names to this chat so I don't have to transcribe them and mess it up?

1 sec

a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa
and
b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa

.

HE isn't pointing to your delegated nameservers

2001:470:d:50b::/64 -> b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa
2001:470:f05a::/48 -> a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa

dig a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa ns @1.1.1.1

; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa ns @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57165
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. IN NS

;; ANSWER SECTION:
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns4.he.net.
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns1.he.net.
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns5.he.net.
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns3.he.net.
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns2.he.net.

;; Query time: 516 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Fri Nov 01 16:51:43 GMT 2024
;; MSG SIZE rcvd: 157

not sure I understand how their setup is supposed to work fully, but if it's supposed to be simple delegation of the /48 and /64 to your own ns, it's not

Lemme ask "HE", Hurricane Electric

Waiting for their reply

Just a question how do you obtain ip6-servers.arpa

See RFC 5855

dig a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa ns @1.1.1.1

; <<>> DiG 9.16.41 <<>> a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa ns @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29519
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. IN NS

;; ANSWER SECTION:
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns5.he.net.
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns4.he.net.
a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa. 172800 IN NS ns3.he.net.

;; Query time: 1284 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Sat Nov 02 03:11:38 +06 2024
;; MSG SIZE rcvd: 121

Checked rn the ns1 and ns2 are gone.

Also

Btw

There is a thing that I noticed

The arpa zones here work on DNS.he.net, they have a lock with the soa record and I can set ns records for the arpa zones

Problem is

When I set the ns records to cloudflare it just doesnt work lol

And rDNS Delegation isn't working probably

I sent them an email but it's da weekend

And idk but I waited 3 days in da past setting the cloudflare nameservers to the arpa zones but still didn't propagate/work

An update

see the service which gives the tunnel and sets the delegation is TB and the service which edits the dns records (same company) still has the arpa domains

without delegation to HE

ok a hing happened

i created another he account with permission

i did the rDNS Delegation

IT WORKS

NOT ON MAIN ACCOUNT

BUT ON SECOND

lol

it didnt take 2 second

here a quote
"in dns either it works in 2 second or it doesnt"

guys i need serious help with cloudflre rn

so the current thing ios

is*

the thing is

for a.5.0.f.0.7.4.0.1.0.0.2.ip6.arpa cloudflare is telliung to set to:
luciane.ns.cloudflare.com

neil.ns.cloudflare.com

and for b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa its telling to set to:
colette.ns.cloudflare.com
vicky.ns.cloudflare.com

what do i do cause these two reverse zones are for same route of rDNS Delegation

I am back with Goooood news

@rancid gull hey just help me with the domain starting from b.0.0.5.d.0.0.- not working

🙂

heyy

@rancid gull what do i do?

.

;; QUESTION SECTION:
;b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. IN NS

;; AUTHORITY SECTION:
b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS colette.ns.cloudflare.com.
b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS vicky.ns.cloudflare.com.
b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS luciane.ns.cloudflare.com.
b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. 4900 IN NS neil.ns.cloudflare.com.
can't have two sets, only 2 of those are right/should be kept.
Also looks like you made that zone in CF with the wrong name, should be b.0.5.0.d.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa which is what HE DNS returns as well but you've got an extra zero after the b in your name

Yeah probably lemme fix it

One is assigned luciane*.ns.cloudflare.com* and neil*.ns.cloudflare.com* and one is colette*.ns.cloudflare.com* and vicky*.ns.cloudflare.com*

what to do in this situtation

hmm

what should i do

you mean make one pair for example
1st pair:
luciane.ns.cloudflare.com.
neil.ns.cloudflare.com.
2nd pair:
colette.ns.cloudflare.com.
vicky.ns.cloudflare.com.

you mean use a pair like:
luciane.ns.cloudflare.com
colette.ns.cloudflare.com
??

Gm

No, you just use the pair it tells you to

Doesn't matter. You just use the nameservers it tells you to for each domain. so for b.0.5, collete and vicky

Problem is the ipv6 rDNS Delegation name servers are paired
/64 and /48 will have the same rDNS nameserver

@rancid gull Thanks you very very very much for your help

tbh the issue is simply when i added the nameservers to the rDNS Delegation before cloudflare had show the NS to add they change the ns

the rDNS Delegation is Paired

for example

2001:470:b:157::/64
and
2001:470:e940::/48
have to have the same rDNS delegation you cant seperate

Here for example i own nameservers we assume: a.net and b.net:

2001:470:b:157::/64---|
                      |--------->rDNS Delegated NS: ns1, ns2, ns3, ns4, ns5
2001:470:e940::/48----|

i will definitely try to get ip6-servers.arpa

does CNAMEing work with Nameservers of cloudflare for example