Re: [swinog] 'known' DNS Problems with Migros Banking App?

9 Aug 2016


      I have to use this ½¬#6 piece of ł@#¼ too.
(compared to the old stick, I now have to run a windows VM for this, explains my slight anger?)
I think my VM is joined to my domaincontroller on a 2012 (without R2), which has a global v6 IP address. and that one is also the DNS
And the banking works, just loves to keep showing 404 errors all over when the session expires
Silvan
----- Ursprüngliche Mail -----
Von: "Benoit Panizzon" benoit.panizzon@imp.ch
An: swinog@lists.swinog.ch
Gesendet: Dienstag, 9. August 2016 13:47:58
Betreff: [swinog] 'known' DNS Problems with Migros Banking App?
Hello
One customer contacted us, because the Migros Banking App does not work
from within our network and asked me to contact the Migros NOC to find
out what we should change to make it work.
...
From the Migros NOC I got the feedback, that this is an issue they
observed with customers whose ISP have IPv6 enabled DNS Server. They
recommend that either the ISP disables IPv6 on the nameservers, or that
the customers uses a different ISP, for example via Mobile Phone
Hotspot to use their Banking app.
Apparently UPC Cablecom is another ISP with the same issue and cablecom
is able to resolve the issue by disabling IPv6 for the affected
customers.
I am a bit puzzled. I first suspected a DNSSEC issue as our servers do
validate DNSSEC. But this does not seem to be the case.
I can resolve the hostnames without any problems via our DNS Servers.
Our DNS Servers are IPv6 enabled. When another DNS Server has an
IPv6 address, they will prefer IPv6.
But our customer does not get an IPv6 address. So his local resolver
does only know the IPv4 address of our DNS Servers. The Migros DNS
Servers do not publish an IPv6 address. So how is IPv6 involved in this
issue?
The Domain in Question: mbmid.ch is:
mbmid.ch.               241     IN      NS      ns1.datacenter-migros.ch.
mbmid.ch.               241     IN      NS      migze104.migros.ch.
mbmid.ch.               241     IN      NS      migze100.migros.ch.
ns1.datacenter-migros.ch. 146   IN      A       164.14.130.66
migze100.migros.ch.     3222    IN      A       146.67.146.20
migze104.migros.ch.     3222    IN      A       193.8.177.201
They are not DNSSEC Signed.
The only issue I found is that ns1.datacenter-migros.ch is not
published in the registrar glue record, but this also would not lead to
a failure to resolve the hostname.
Has anyone else come across that issue and could give me a hint where
to further investigate?
-Benoît Panizzon-
-- 
I m p r o W a r e   A G    -    Leiter Commerce Kunden
______________________________________________________

Zurlindenstrasse 29             Tel  +41 61 826 93 00
CH-4133 Pratteln                Fax  +41 61 826 93 01
Schweiz                         Web  http://www.imp.ch
______________________________________________________


_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [swinog] 'known' DNS Problems with Migros Banking App?