|
AICCU can't f find any brokers with Google Public DNS
![[gb]](/s/countries/gb.gif) Shadow Hawkins on Tuesday, 05 October 2010 14:16:27
[admin edit, original subject was "AYIYA Not Seeing Any Brokers With Google Public DNS", changed to "AICCU can't find any brokers with Google Public DNS"]
I use the Google Public DNS servers (8.8.8.8 and 8.8.4.4) because I find my ISPs servers incredibly unreliable at certain times of day and OpenDNS too intrusive, however they appear to be breaking both the GUI and Console versions of AYIYA.
The GUI version doesn't fill in a "Provider" automatically when using Google to resolve, and upon manually specifying one the OK button is greyed out. Likewise, the console version gives the following error:
>aiccu brokers
SixXS|tic://tic.sixxs.net|http://www.sixxs.net|be ch de ee fi gb ie it nl nz pl
pt si se usWarning: Couldn't find global Tunnel Brokers List, please check your
DNS settings and read the FAQ.
Is there any workaround to this, short of using another Public DNS? I will try Level3 Communications but as far as I know they are using the exact same setup as Google so I doubt this will aid anything.
AICCU can't f find any brokers with Google Public DNS
I think you have a different issues, as at least the 8.8.8.8 node I can query from here works quite fine:
# dig @8.8.8.8 _aiccu.sixxs.net txt
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.7.1-P2 <<>> @8.8.8.8 _aiccu.sixxs.net txt
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58515
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 3, ADDITIONAL: 4
;; QUESTION SECTION:
;_aiccu.sixxs.net.IN TXT
;; ANSWER SECTION:
_aiccu.sixxs.net.3589INTXT"ACADEMIA Sinica Computing Centre" "tsp://tb2.ipv6.ascc.net" "http://tb2.ipv6.ascc.net" "tw"
_aiccu.sixxs.net.3589INTXT"# <name> | <url> | website | tld's"
_aiccu.sixxs.net.3589INTXT"# http://www.sixxs.net/tools/aiccu/brokers/"
_aiccu.sixxs.net.3589INTXT"SixXS" "tic://tic.sixxs.net" "http://www.sixxs.net" "be de ee fi gb ie it nl nz pl pt si se us"
_aiccu.sixxs.net.3589INTXT"AARNet" "tsp://broker.aarnet.net.au" "http://broker.aarnet.net.au" "au"
_aiccu.sixxs.net.3589INTXT"UKERNA" "tsp://broker.ipv6.ac.uk" "http://www.broker.ipv6.ac.uk" "gb"
_aiccu.sixxs.net.3589INTXT"Wanadoo France" "tsp://ts.ipv6.wanadoo.fr" "http://www.ipv6.wanadoo.fr" "fr"
_aiccu.sixxs.net.3589INTXT"ECS Southampton" "tsp://broker.ecs.soton.ac.uk" "http://broker.ecs.soton.ac.uk" "gb"
_aiccu.sixxs.net.3589INTXT"Hexago / Freenet6" "tsp://broker.freenet6.net" "http://www.freenet6.net" "ca"
_aiccu.sixxs.net.3589INTXT"# AICCU TIC/TSP Servers"
;; Query time: 886 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Oct 5 08:15:01 2010
;; MSG SIZE rcvd: 954
As you can see at the top, check that your firewall allows port 53/TCP as that is what gets used as a fallback for these queries. Also note that there are a lot of NAT boxes which are broken with regards to support for DNS over TCP transport.
Note that it is AICCU which has this issue when trying to get the list of brokers for TIC support, thus has not directly anything to do with AYIYA. If you want to circument that, just plug in the "tunnel_id T<xxx>" in the configuration file and that list does not have to be queried and all should work just fine.
Simple solution: install a local / your own recursive DNS server.
AICCU can't f find any brokers with Google Public DNS
Shadow Hawkins on Tuesday, 05 October 2010 14:54:47
I changed to Level3's public resolvers (4.2.2.*) and had better results with both the GUI and CLI versions of AICCU. The GUI version picked up the defailt SixXS TIC and the CLI version returned multiple brokers, but still gave a message indicating it couldn't query all of them for some reason.
However, Level3's resolvers seem to be experiencing major issues at the moment, not sure of the reason for that, so I returned to Google and found that my tunnel still worked using the existing aiccu.conf, so I guess it's sorted itself out.
AICCU can't f find any brokers with Google Public DNS
Shadow Hawkins on Tuesday, 05 October 2010 15:03:59
Out of curiosity, I dug _aiccu.sixxs.net and got the same result as you:
C:\dig>dig @8.8.8.8 _aiccu.sixxs.net txt
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.3.2 <<>> @8.8.8.8 _aiccu.sixxs.net txt
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2011
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;_aiccu.sixxs.net. IN TXT
;; ANSWER SECTION:
_aiccu.sixxs.net. 2436 IN TXT "# AICCU TIC/TSP Servers"
_aiccu.sixxs.net. 2436 IN TXT "# http://www.sixxs.net/tools/ai
ccu/brokers/"
_aiccu.sixxs.net. 2436 IN TXT "# <name> | <url> | website | tl
d's"
_aiccu.sixxs.net. 2436 IN TXT "SixXS" "tic://tic.sixxs.net" "h
ttp://www.sixxs.net" "be de ee fi gb ie it nl nz pl pt si se us"
_aiccu.sixxs.net. 2436 IN TXT "ACADEMIA Sinica Computing Centr
e" "tsp://tb2.ipv6.ascc.net" "http://tb2.ipv6.ascc.net" "tw"
_aiccu.sixxs.net. 2436 IN TXT "Hexago / Freenet6" "tsp://broke
r.freenet6.net" "http://www.freenet6.net" "ca"
_aiccu.sixxs.net. 2436 IN TXT "AARNet" "tsp://broker.aarnet.ne
t.au" "http://broker.aarnet.net.au" "au"
_aiccu.sixxs.net. 2436 IN TXT "ECS Southampton" "tsp://broker.
ecs.soton.ac.uk" "http://broker.ecs.soton.ac.uk" "gb"
_aiccu.sixxs.net. 2436 IN TXT "UKERNA" "tsp://broker.ipv6.ac.u
k" "http://www.broker.ipv6.ac.uk" "gb"
_aiccu.sixxs.net. 2436 IN TXT "Wanadoo France" "tsp://ts.ipv6.
wanadoo.fr" "http://www.ipv6.wanadoo.fr" "fr"
;; Query time: 33 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Oct 05 14:02:57 2010
;; MSG SIZE rcvd: 778
AICCU can't f find any brokers with Google Public DNS
Shadow Hawkins on Tuesday, 05 October 2010 15:07:40
I just realised that Windows actually queries DNS through my NAT device so I dug the same domain using my Gateway IP and it turns out it's not allowing DNS over TCP like you suggested:
C:\dig>dig @192.168.0.1 _aiccu.sixxs.net txt
;; Truncated, retrying in TCP mode.
;; Connection to 192.168.0.1#53(192.168.0.1) for _aiccu.sixxs.net failed: connec
tion refused.
I only have one tunnel so until I require more I'll just use the hardcoded .conf option.
AICCU can't f find any brokers with Google Public DNS
If your NAT device is giving issues like that better start upgrading it.
(With upgrade I mean change firmware and/or replace)
Most very likely it does not properly support quering IPv6 (AAAA) records, and don't forget about upcoming DNSSEC support which might also cause the need for TCP support.
|
![[ch]](/s/countries/ch.gif)
on Tuesday, 05 October 2010 14:21:18
Posting is only allowed when you are