Name Service in IPv6
Mohd Norman Maraddin

IPv6 and DNS
• Assumptions: everyone knows, or has a little knowledge of, how to configure IPv4 DNS.

Basic Ideas
• DNS in IPv6 is much like DNS in IPv4.
• Keep files and delegations as simple as possible.
• Can use IPv4 as transport for DNS for now.
• Modern versions of BIND will work – BIND 9 is stable and works with IPv6.
• There is work on dynamic DNS in progress, but we don't need to worry about that for now.

Important Terms
• A – address record that maps a host name to a 32-bit IPv4 address (forward lookup)
• AAAA – address record that maps a host name to a 128-bit IPv6 address (forward lookup)
• ip6.arpa – reverse mapping name space for IPv6
• ip6.int – reverse mapping name space which has been deprecated but is still maintained by some hosts

Platforms
• FreeBSD or Linux
• Bind/DNS
    • Version 9 with IPv6 support. www.bind9.net/manuals www.isc.org
• Name Server Daemon (NSD)
    • Latest - version 2.3.3 www.nlnetlabs.nl/nsd/
• Microsoft DNS
    • Windows Server 2003

Forward Lookup (AAAA)
• Uses AAAA records to assign IPv6 addresses to names.
• Multiple addresses are possible for any given name – for example, in a multi-homed situation.
• Can assign A records and AAAA records to a given name/domain.
• Can also assign separate domains for IPv6 and IPv4.
• Don't be afraid to experiment!

Configuration – Sample Forward Lookup

;; nav6.org (use your favorite naming scheme)
$TTL 86400
@       IN  SOA   ns1.nav6.org. root.nav6.org. (
                  2006071701  ; serial - YYYYMMDDXX
                  21600       ; refresh - 6 hours
                  1200        ; retry - 20 minutes
                  3600000     ; expire - long time
                  86400 )     ; minimum TTL - 24 hours
;; Nameservers
        IN  NS    ns1.nav6.org.
        IN  NS    ns2.nav6.org.
;; Hosts with just A records
norman  IN  A     219.93.2.111
;; Hosts with both A and AAAA records
rahmat  IN  A     219.93.2.115
        IN  AAAA  2001:468:100::2
;; Separate domain
$ORIGIN ip6.domain.edu
cwtan   IN  AAAA  2001:468:100::1

Reverse lookup (ip6.arpa)
• Reverses should be put in for both the ip6.int and ip6.arpa domains.
• The ip6.int domain has been deprecated, but some hosts still use it.
• Can use the same file for both – use the @ notation and point to the same file in the named.conf file.

Configuration – Reverse Lookup

;; 0.0.0.0.0.0.1.0.8.6.4.0.1.0.0.2.rev (use your favorite naming scheme)
;; These are reverses for 2001:468:100::/64
;; File can be used for both ip6.arpa and ip6.int.
$TTL 86400
@       IN  SOA   ns1.nav6.org. root.nav6.org. (
                  2002093000  ; serial - YYYYMMDDXX
                  21600       ; refresh - 6 hours
                  1200        ; retry - 20 minutes
                  3600000     ; expire - long time
                  86400 )     ; minimum TTL - 24 hours
;; Nameservers
        IN  NS    ns1.nav6.org.
        IN  NS    ns2.nav6.org.
;; PTR targets end in a dot so the zone name is not appended to them
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0  IN  PTR  norman.nav6.org.
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0  IN  PTR  rahmat.nav6.org.
;;
;; Can delegate to other nameservers in the usual way
;;

Sample configuration file (named.conf)

// named.conf (use your favorite naming scheme)
zone "nav6.org" {
    type master;
    file "master/nav6.org";
};
// Both reverse zones below load the same zone file
zone "0.0.0.0.0.0.1.0.8.6.4.0.1.0.0.2.ip6.int" {
    type master;
    file "master/0.0.0.0.0.0.1.0.8.6.4.0.1.0.0.2.rev";
};
zone "0.0.0.0.0.0.1.0.8.6.4.0.1.0.0.2.ip6.arpa" {
    type master;
    file "master/0.0.0.0.0.0.1.0.8.6.4.0.1.0.0.2.rev";
};

How to test?
• Try resolving an IPv6 name – ping an IPv6 domain name.
• Try to resolve using the nslookup command:
    • nslookup v6training.nav6.org or
    • ping v6training.nav6.org
• You should see the name being resolved to an IPv6 address.

Issues
• An IPv6 address is long, and this creates room for human error, especially in the reverse lookup.

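One way to take the hand-typing out of the reverse zone, as an added example that is not part of the original slides: it derives the ip6.arpa zone name and PTR owner names from the prefix, and checks PTR lines for the usual slips (wrong nibble count, swapped nibbles, missing trailing dot). The function names, the host "hosta" and its address are made up for the example; the prefix and "rahmat" come from the sample zone files.

```python
import ipaddress

HEX = set("0123456789abcdef")

def reverse_zone(prefix):
    """ip6.arpa zone name for a nibble-aligned IPv6 prefix."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen % 4:
        raise ValueError("prefix length must fall on a 4-bit (nibble) boundary")
    nibbles = net.network_address.exploded.replace(":", "")[:net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def ptr_owner(address, prefix):
    """PTR owner name for address, relative to the reverse zone of prefix."""
    addr = ipaddress.IPv6Address(address)
    if addr not in ipaddress.IPv6Network(prefix):
        raise ValueError(f"{addr} is outside {prefix}")
    fqdn = addr.reverse_pointer + "."             # 32 nibbles + "ip6.arpa."
    return fqdn[:-len(reverse_zone(prefix)) - 1]  # drop "." + zone name

def check_ptr(line, prefix, aaaa):
    """List the problems in one 'owner IN PTR target' line.
    aaaa maps fully qualified host names to their forward AAAA address."""
    owner, _cls, _type, target = line.split()
    labels = owner.lower().split(".")
    want = (128 - ipaddress.IPv6Network(prefix).prefixlen) // 4
    problems = []
    shape_ok = len(labels) == want and all(l in HEX for l in labels)
    if not shape_ok:
        problems.append(f"owner must be {want} single hex digits")
    if not target.endswith("."):
        problems.append("target has no trailing dot; the zone name gets appended")
    forward = aaaa.get(target.rstrip(".") + ".")
    if forward is None:
        problems.append("target has no AAAA record")
    elif shape_ok and ptr_owner(forward, prefix) != ".".join(labels):
        problems.append("owner does not match the target's AAAA address")
    return problems

# Constructed sample data; hosta and its address are made up for the example.
PREFIX = "2001:468:100::/64"
AAAA = {"rahmat.nav6.org.": "2001:468:100::2", "hosta.nav6.org.": "2001:468:100::1a"}
LINES = [
    "2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR rahmat.nav6.org.",
    "1.a.0.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR hosta.nav6.org.",  # nibbles swapped
    "a.1.0.0.0.0.0.0.0.0.0.0.0.0.0 IN PTR hosta.nav6.org",     # 15 labels, no dot
]

if __name__ == "__main__":
    print("zone:", reverse_zone(PREFIX))
    for line in LINES:
        print(line, "->", check_ptr(line, PREFIX, AAAA) or "ok")
```
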
References
• http://www.isc.org/