[6BONE] A DNS question re 6to6/IPv6 host IN A records.
Michael Kjorling
michael@kjorling.com
Mon, 22 Apr 2002 16:47:22 +0200 (CDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Apr 22 2002 08:35 -0400, Phil Benchoff wrote:
> Since people are posting about how they are handling DNS issues, I thought
> I would explain what I do as well.
>
> <whatever>.example.edu normal v4 records
> <whatever>.ip6.example.edu AAAA records hosted on our production bind-8
> <whatever>.ip6a6.example.edu A6 records hosted on test bind-9
> <whatever>.ipv6.example.edu A,A6,allow-v6-synthesis test bind-9
>
> * The only zone data I enter is the ip6a6 data. The rest are generated
> from that file.
>
> * The ipv6.example.edu zone is the simulation of what will happen when
> we move the v6 stuff into the production zone. The only issue to
> deal with is servers that do not support v6 on all of their services.
>
> * The ip6 and ip6a6 zones are primarily used for testing exactly how
> applications react when there is a specific type of RR returned.
>
> So far, this appears to work pretty well.
>
> Phil
Servers not supporting IPv6 on all services is the biggest obstacle
for me. I need to upgrade to a more recent glibc in order to get
support for UDP over IPv6 with the Linux 2.4 kernel tree, but
upgrading the C library isn't something you do in a coffee break.
Other than that, all services on one of my boxes are IPv6-enabled.
As it is now, I have put in A and AAAA records at the same node in the
DNS, and added IPv4-only and IPv6-only nodes below it. So:
whatever.example.org. A 127.0.0.1
AAAA ::1
ipv4.whatever.example.org. A 127.0.0.1
ipv6.whatever.example.org. AAAA ::1
This way, people who have IPv6-capable clients will get whatever they
are looking for (except DNS, unfortunately - see above on UDP/v6) over
IPv6, and people whose clients are not IPv6-capable will use IPv4 just
fine. If I for some reason want to force either IPv4 or IPv6, I can do
that without any trouble.
I have also set up a few "www6" CNAMEs (and sometimes even AAAAs)
pointing at the IPv6 address records only. Might come in handy some
day and DNS records hardly cost anything...
By the way, remember that allow-v6-synthesisis requires that you allow
the querying client recursion.
Michael Kjörling
- --
Michael Kjörling -- Programmer/Network administrator ^..^
Internet: michael@kjorling.com -- FidoNet: 2:204/254.4 \/
PGP: 95f1 074d 336d f8f0 f297 6a5b 2aa3 7bfd 8a70 e33e
``And indeed people sometimes speak of man's "bestial" cruelty, but
this is very unfair and insulting to the beasts: a beast can never be
so cruel as a man, so ingeniously, so artistically cruel.''
(Ivan Karamazov, in Dostoyevsky's 'The Brothers Karamazov')
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Public key is at http://michael.kjorling.com/contact/pgp.html
iD8DBQE8xCJ8KqN7/Ypw4z4RAv80AKDDYKVXxnFj+jM3bFu+tBIfkwU8QwCgu5q8
amZDCKm0QaI6brjkFfgMSSs=
=S+BM
-----END PGP SIGNATURE-----