DNS - PowerPoint PPT Presentation
1 / 10
Title: DNS
1
DNS
- The IPv6 nightmare
2
Currently
- No IPv6 addressed root name servers
- Two standards (AAAA and A6) for forward DNS, with
two resultant standards for reverse DNS, and no
current winner - Messy, long IPv6 addresses and lots of room for
human error - ip6.int and ip6.arpa reverse zones
3
Best Practice
- See http//www.tldp.org/HOWTO/LinuxIPv6-HOWTO/hi
nts-daemons-bind.html - Forward lookup support
- AAAA
- A6 without chaining, means prefix length set to 0
- Reverse lookup support
- Reverse nibble format for zone ip6.int
- Reverse nibble format for zone ip6.arpa
4
Forward (AAAA)
- ORIGIN workshop.aarnet.net.au
- Jdb IN AAAA 20013881c0012022dfffe5bc7ba
- ORIGIN aarnet.net.au
- 6to4.ipv6 IN AAAA 2002c0e7d4051
5
Forward (A6)
6
Reverse ip6.int ip6.arpa
- Same entry but different ORIGIN
- ORIGIN 1.8.8.3.0.1.0.0.2.ip6.int
- a.b.7.c.b.5.e.f.f.f.d.2.2.0.2.0.1.0.0.0.0.0.c
400 IN PTR jdb.workshop.aarnet.net.au
.
7
Reverse ip6.arpa (chaining)
8
/etc/named.conf
- acl "zonetransfer"
- 202.6.112.5 // timtam.aarnet.edu.au
- // real secondary for IPv6 stuff
- 192.231.212.5 // dns.ipv6.aarnet.net.au
- 2001388030002/64 // dns.ipv6.aarnet.net.au
- ffff192.231.212.5 // dns.ipv6.aarnet.net.au
- 192.94.209.66 // server66.rno.workshop.aarnet.ne
t.au - ffff192.94.209.66 // server66.rno.workshop.aa
rnet.net.au - acl "trusted"
- localhost
- zonetransfer
- 1/128
9
/etc/named.conf
- options
- allow-query trusted
- allow-transfer zonetransfer
- listen-on-v6 any
- query-source-v6 address 2001388030002 port
53 - transfer-source-v6 2001388030002
- notify-source-v6 2001388030002
- / reverse IPv6 localhost /
- zone "0.0.0.0.0.0.0.0.ip6.int"
- type master
- file "0.0.0.0.0.0.0.0.ip6.int"
- allow-update none
- allow-transfer zonetransfer
- allow-query any
10
/etc/named.conf
- / AAAA reverse IPv6 block 0 of 20010388/35 /
- zone "0.8.8.3.0.1.0.0.2.ip6.int"
- type master
- file "0.8.8.3.0.1.0.0.2.ip6.int"
- allow-update none
- allow-transfer zonetransfer
- allow-query any
- / AAAA reverse IPv6 block 1 of 20010388/35 /
- zone "1.8.8.3.0.1.0.0.2.ip6.int"
- type master
- file "1.8.8.3.0.1.0.0.2.ip6.int"
- allow-update none
- allow-transfer zonetransfer
- allow-query any
11
/etc/named.conf
- / A6 reverse IPv6 block 0 of 20010388/35 /
- zone "0.8.8.3.0.1.0.0.2.ip6.arpa"
- type master
- file "0.8.8.3.0.1.0.0.2.ip6.arpa"
- allow-update none
- allow-transfer zonetransfer
- allow-query any
- / A6 reverse IPv6 block 1 of 20010388/35 /
- zone "1.8.8.3.0.1.0.0.2.ip6.arpa"
- type master
- file "1.8.8.3.0.1.0.0.2.ip6.arpa"
- allow-update none
- allow-transfer zonetransfer
- allow-query any
12
IPv6 localhost
- File /var/named/0.0.0.0.0.0.0.0.ip6.int
- _at_ 86400 IN SOA
ipv6.broadway.aarnet.net.au. root.ipv6.broadway.aa
rnet.net.au. ( - 2002061400 serial
- 3H refresh
- 15M retry
- 1W expiry
- 1D ) minimum
- 86400 IN NS
ipv6.broadway.aarnet.net.au - 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 86400
IN PTR ipv6-localhost. - 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 86400
IN PTR ipv6-loopback.
Recommended
CrystalGraphics Presentations
