DNS and BIND on IPv6
If you are getting ready to roll out IPv6 in your community, this concise e-book presents the necessities you must aid this protocol with DNS. you will learn the way DNS used to be prolonged to house IPv6 addresses, and the way you could configure a BIND identify server to run at the community. This booklet additionally good points tools for troubleshooting issues of IPv6 ahead- and reverse-mapping, and strategies for supporting islands of IPv6 consumers converse with IPv4 resources.
- DNS and IPv6—Learn the constitution and illustration of IPv6 addresses, and the syntaxes of AAAA and PTR files within the ip6.arpa IPv6 reverse-mapping zone
- BIND on IPv6—Use IPv6 addresses and networks in ACLs, and sign in and delegate to IPv6-speaking identify servers
- Resolver Configuration—Configure well known stub resolvers (Linux/Unix, MacOS X, and home windows) to question IPv6-speaking identify servers
- DNS64—Learn in regards to the transition know-how that enables consumers with IPv6-only community stacks to speak with IPv4 servers
- Troubleshooting—Use the nslookup and dig troubleshooting instruments to appear up the IPv6 addresses of a website identify, or reverse-map an IPv6 tackle to a site name
project, and a number may well get one IPv6 tackle utilizing SLAAC and one other utilizing DHCPv6. a number can also obtain resolver configuration from either tools, after which merge them. complicated, eh? Resolver Configuration utilizing DHCPv6 IPv6 helps dynamic configuration of hosts utilizing DHCPv6, and of course you should use DHCPv6 to configure a resolver. DHCPv6 has new resolver configuration suggestions, though—you can’t use the standard DHCPv4 recommendations to configure your resolver over DHCPv6. the recent.
DNS64 as played by means of a recursive identify server, yet authoritative identify servers can enforce DNS64, too. actually, in case you configure your identify server to do DNS64 and it’s additionally authoritative for a number of zones, it’ll practice DNS64 to queries in these zones by way of default, too. accordingly, the identify server synthesizes AAAA files from A files in zones for which it’s authoritative. (Of path, it’ll purely do that if no AAAA files exist for the area name.) a good way to limit DNS64 to recursive.
ultimately, to forward-map and reverse-map IPv6 addresses, use the question forms aaaa and ptr, respectively. Here’s how you’d lookup suckerpunch.movie.edu’s IPv6 handle: % nslookup > set q=aaaa > suckerpunch.movie.edu. Server: terminator.v6.movie.edu. deal with: 2001:db8:cafe:1::1#53 suckerpunch.movie.edu has AAAA tackle 2001:db8:cafe:f9::d3 > And here’s how you’d reverse-map the deal with. observe that you just don’t have to specify the question variety explicitly—nslookup is sensible sufficient to acknowledge the IPv6.
Assign the bits after its RIR-assigned prefix as much as the /48 allotted to every client finish website. Coincidentally, motion picture collage simply prepared to get IPv6 connectivity from our ISP. The ISP assigned us a /48-sized IPv6 community, 2001:db8:cafe::/48, which we’ll subnet utilizing the scheme simply defined into /64-sized subnetworks. word What’s this fe80:: handle? If you’re poking round on a Unix or Linux method with ifconfig, netstat or the like, you'll realize that your host’s community.
Cgi.movie.edu. IN NS tron.cgi.movie.edu. avatar.cgi.movie.edu. IN A 184.108.40.206 IN AAAA 2001:db8:cafe:10::2 tron.cgi.movie.edu. IN A 220.127.116.11 IN AAAA 2001:db8:cafe:11::2 It’s worthy reiterating right here that glue A or AAAA documents are worthy in delegation merely while a subdomain is delegated to a reputation server that results in the identify of the subdomain (as tron.cgi.movie.edu results in cgi.movie.edu). If that’s no longer precise, glue documents aren’t wanted. Server Statements for IPv6 identify Servers.