Agenda: dns-enabling-ipv6-service.txt

File dns-enabling-ipv6-service.txt, 2.6 KB (added by regnauld, 8 years ago)
Line 
1Now we would like to do the following:
2
31. Make our nameservers listen on IPv6
42. Add v6 addresses to the nameservers in our zone, so they can receive
5   v6 traffic
63. Add v6 addresses to the host records, for example "www       AAAA",
7   etc...
8
9
101. Make our nameservers listen on IPv6
11
12        In BIND's named.conf, in the options section:
13
14                listen-on-v6 { any; };
15       
16        In Unbound's unbound.conf, in the "server:" section:
17       
18                do-ip6: yes
19                interface: ::0
20                interface: 0.0.0.0
21
22        NSD will start up by default and listen on IPv6
23
24
252. If necessary, add the IPv6 addresses of your nameservers in your zone.
26
27*** READ THIS CAREFULLY ***
28
29        For example, in for the parent zone 'nsrc.org' we have:
30
31ws.nsrc.org.            NS      tldserv.ws.nsrc.org.
32                                        NS      tldslave.ws.nsrc.org.
33
34        Since tldserv.ws and tldslave.ws are IN the zone being
35        delegated, then we need to add glue records!
36
37; v4 GLUE records
38tldserv.ws.nsrc.org.                    A       10.10.0.251
39tldslav.ws.nsrc.org.                    A       10.10.0.246
40
41        In the same way, we will need IPbv6 glue records:
42
43; v6 GLUE records
44tldserv.ws.nsrc.org.                    AAAA    fdba:dc55:48c7::251
45tldslave.ws.nsrc.org.                   AAAA    fdba:dc55:48c7::246
46
47        In the child zone 'ws.nsrc.org', we will need to declare these
48        hosts as well.  In fact, as explained in class, you MUST declare
49        them otherwise you will experience strange problems with resolution:
50
51ws.nsrc.org.            SOA     ...
52
53                                        NS      tldserv
54                                        NS      tldslave
55
56tldserv                         A        10.10.0.251
57                                        AAAA fdba:dc55:48c7::251
58tldslave                        A        10.10.0.246
59                                        AAAA fdba:dc55:48c7::246
60
61
62        In your zone "MYTLD", you MAY or MAY NOT have used NSes IN your zone.
63
64
65        - If you did (i.e.: ns1.MYTLD for example)
66
67                Then you need to proceed as above, and ADD the IPv6 records for
68                the nameservers you declared
69
70        - If you didn't (you used "master.grpX.ws.nsrc.org)
71
72                You need to do nothing here :)  The administrator of ws.nsrc.org
73                will add a the v6 address you have configured on eth0 to the
74                DNS record for "master.grpX.ws.nsrc.org".
75
76                This should already be the case:
77
78                # dig AAAA master.grpX.ws.nsrc.org
79
80                Try and ping these hosts:
81
82                # ping6 tldserv.ws.nsrc.org
83                # ping6 tldslave.ws.nsrc.org
84                # ping6 master.grpX.ws.nsrc.org
85
86                Try performing DNS queries in v6 against tldserv + tldslave:
87
88                # dig -6 @tldserv.ws.nsrc.org ws.nsrc.org ns
89                # dig -6 @tldslave.ws.nsrc.org ws.nsrc.org ns
90
913. Add IPv6 addresses for the 'www' record in your zone
92
93        You should know how to do this now!
94
954. Try and ping other people's hosts in the room using v6.
96
97        Use dig to connect to other people's nameservers, and verify that
98        they:
99
100        - answer in IPv6
101        - have an IPv6 record for their name
102        - provide DNS answer with IPv6 addresses!
103