IPv6 – DNS Part 1 (AAAA records)

With the clients now all speaking IPv6 (with IP addresses from stateless auto-config), and the server now having a global-scope static IPv6 address, it’s time to make this much more useful.

With IPv6 address being 128 bits (32 Hex characters), it’s just not practical to expect anyone to remember IP addresses. DNS becomes much more important, not only for servers (with static addresses) but for clients. Clients will in general get their “real” IPv6 address via DHCP6 and do dynamic DNS updates. (There’s a special “stateless” DHCPv6 that just listens for the auto-config’ed IP addresses and put them into DNS.)

There are three parts of getting to “IPv6 DNS”.

  1. The first is to get AAAA (quad-A) records into your DNS system. At that point clients can ask for the AAAA records over IPv4 and everything will work just fine.
  2. The second is for you to actually serve your DNS zones over IPv6.
  3. The third is to get hooked into the global IPv6 DNS system, so that others can resolve your IPv6 addresses.

In this installment, we’ll just do Step 1.

Lets do the AAAA records and test some queries. If you’re this far along, editing Bind zone files and using “dig” should be second nature for you, so I’m only going to show snippets from the zone files:

;;; services
www         a       66.93.34.228       ;; original IPv4 address
www         aaaa    2001:470:67:88::10 ;; NEW IPv6 address, same name
ipv6        aaaa    2001:470:67:88::10 ;; NEW ipv6 address, new name for ease in testing

I’ve added two new records, a second “www” entry and a completely new “ipv6” entry. The “ipv6” entry is so that I have a hostname that has only an IPv6 address, and no IPv4 addresses. Let’s see what I can get (after I reload the zone)…

$ dig +short ipv6.thuktun.org              # 1 asking for the "A" record for "ipv6" - NO AAAA records exist
$ dig +short ipv6.thuktun.org aaaa         # 2 asking for the AAAA record - SUCCESS
2001:470:67:88::10
$ dig +short www.thuktun.org               # 3 asking for the "A" record for "www" - SUCCESS
66.93.34.228
$ dig +short www.thuktun.org aaaa          # 4 ...and the AAAA record - SUCCESS
2001:470:67:88::10
dig -4 +short www.thuktun.org aaaa         #5 force IPv4 query (which is actually the default) - SUCCESS
2001:470:67:88::10
$ dig -6 +short www.thuktun.org aaaa       #6 force query over IPv6 transport - NO RESPONSE
^C            #hangs

Two notes:

  1. By default “dig” queries for “A” records if no other record type is given.
  2. Be default “dig” queries over IPv4.

This explains why query #1 returns no data and why #3 returns the “A” record (only). To get the “AAAA” records, you have to explicitly ask for them with a record type. Finally, query #6 attempts to force the DNS queries to use IPv6 for transport, which hangs since there are no know IPv6 DNS resolvers configured in the system.

At this point we’ve achieved step 1, we have AAAA records in our DNS, and we can retrieve them via IPv4.

Next step, having our own DNS server answer queries over IPv6 transport.

Advertisements
  1. IPv6 – DNS Part 2 (serving DNS over IPv6) « Thuktun (Message)
  2. IPv6 DNS Part 3 (authoritative DNS via IPv6 transport) « Thuktun (Message)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: