
IPv6 deployment problem with mail servers

gnijs
Level 4

Hello all,

I have a problem with an IPv6 deployment at home. My ISP returns both A and AAAA records for its outbound mail server, but this mail server is protected by a firewall which allows only IP addresses of the provider's own IP space (so that no other users can use its mail server).

This is OK. But now there is an IPv6 problem.

I have IPv6 connectivity through a tunnel. So when I use IPv4, my source IP indicates I am from BE; when I use IPv6, my source IP indicates I am from US.

The problem is now that once I enable IPv6, my PC is going to prefer the IPv6 AAAA record and is going to go via the tunnel interface, source is US and therefore my ISP will block me, and I am unable to send any mails. I need to find a way to force an IPv4 A record return for this server, even if IPv6 is enabled or not.

My router is running a Cisco IOS forwarding DNS server, and I thought to block the DNS resolution of this server via DNS view-lists and then add a static IPv4 mapping only (ip host x y), but this doesn't work: even with the static mapping defined, the router is still blocking the DNS request based on the viewlist and name match.

Any other ideas?

Regards,

Geert

1 Reply

James Leinweber
Level 4

One option would be to tweak the OS prefix policy table to prefer v4 to v6. On Linux this is in /etc/gai.conf; on Windows you'd run "netsh interface ipv6 set prefixpolicy ...". The side effect would be that you'd only do v6 with the v6-only sites, not with the dual-stack sites.
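
A model of the prefix policy lookup suggested in the reply above, as an added example that is not part of the original thread. It implements only the precedence rule (Rule 6) of RFC 6724 destination selection, and the addresses are constructed documentation addresses standing in for the mail server's A and AAAA records.

```python
import ipaddress

# Default policy table from RFC 6724 section 2.1: (prefix, precedence).
RFC6724_DEFAULT = [
    ("::1/128", 50), ("::/0", 40), ("::ffff:0:0/96", 35),
    ("2002::/16", 30), ("2001::/32", 5), ("fc00::/7", 3),
    ("::/96", 1), ("fec0::/10", 1), ("3ffe::/16", 1),
]


def prefer_ipv4(table):
    """Copy of the table with the IPv4-mapped prefix raised above ::/0.

    Same idea as the gai.conf line 'precedence ::ffff:0:0/96 100'.
    """
    return [(p, 100 if p == "::ffff:0:0/96" else prec) for p, prec in table]


def precedence(addr, table):
    """Precedence of addr: longest-prefix match against the policy table."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        # IPv4 destinations are looked up as IPv4-mapped IPv6 addresses.
        ip = ipaddress.IPv6Address("::ffff:" + str(ip))
    matches = [(ipaddress.ip_network(p), prec) for p, prec in table
               if ip in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def order_destinations(addrs, table):
    """Sort candidates by descending precedence (stable for ties).

    Simplification: the earlier RFC 6724 rules (reachability, scope,
    label matching, ...) are assumed to tie, so precedence decides.
    """
    return sorted(addrs, key=lambda a: -precedence(a, table))


# Constructed sample records, not taken from the thread.
MAIL_SERVER = ["2001:db8::25", "192.0.2.25"]   # dual-stack: AAAA and A
V6_ONLY_SITE = ["2001:db8::80"]                # AAAA only

if __name__ == "__main__":
    tuned = prefer_ipv4(RFC6724_DEFAULT)
    print("default:", order_destinations(MAIL_SERVER, RFC6724_DEFAULT))
    print("tuned:  ", order_destinations(MAIL_SERVER, tuned))
    print("v6-only:", order_destinations(V6_ONLY_SITE, tuned))
```

With the tuned table the dual-stack mail server is tried over IPv4 first, while the v6-only site still resolves to its IPv6 address, which is the side effect the reply describes.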