Is an IPv6-only glue/delegation record a problem in a world of IPv4?
Niobos
niobos at dest-unreach.be
Mon Jan 11 19:32:13 UTC 2010
On 11 Jan 2010, at 18:29, Mathew J. Newton wrote:
> Specifically, the Dig tool at http://www.kloth.net/services/dig.php
> seems
> unable to resolve my records and I can't help but feel it's a
> problem at
> my end rather than theirs!
It's their end
> The domain is v6ns.org, and the record I am attempting to query for is
> ns1.v6ns.org - here's what the Kloth Dig tool gets:
> v6ns.org. 86400 IN NS ns1.v6ns.org.
> v6ns.org. 86400 IN NS ns2.v6ns.org.
> ;; Received 150 bytes from 199.249.112.1#53(A2.ORG.AFILIAS-NST.INFO)
> in 4 ms
If I retry this DNS-query, I get:
; <<>> DiG 9.4.3-P3 <<>> @A2.ORG.AFILIAS-NST.INFO ns1.v6ns.org.
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52072
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 4
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;ns1.v6ns.org. IN A
;; AUTHORITY SECTION:
v6ns.org. 86400 IN NS ns1.v6ns.org.
v6ns.org. 86400 IN NS ns2.v6ns.org.
;; ADDITIONAL SECTION:
ns1.v6ns.org. 86400 IN A 77.103.161.36
ns2.v6ns.org. 86400 IN A 77.103.161.36
ns1.v6ns.org. 86400 IN AAAA 2a01:348:133::a1
ns2.v6ns.org. 86400 IN AAAA 2a01:348:6:a1::2
;; Query time: 28 msec
;; SERVER: 2001:500:40::1#53(2001:500:40::1)
;; WHEN: Mon Jan 11 20:26:17 2010
;; MSG SIZE rcvd: 150
Which seems perfectly valid for a v4&v6 delegation.
> I set the domain up to experiment with IPv6, which could be why I've
> got a
> problem...
Shouldn't, but might... I'm running a v4-v6 DNS right now and I've
been through some trouble to get it working...
> I have a single DNS server with a IPv4 address and two IPv6
> addresses. The
> zone file is as follows:
>
> $ORIGIN v6ns.org.
> $TTL 300
> @ IN SOA ns1.v6ns.org. dns.newtonnet.co.uk. (
> 2010012000 ; Serial
> 14400 ; Refresh
> 7200 ; Retry
> 950400 ; Expire
> 300 ) ; Negative Cache TTL
>
> IN NS ns1.v6ns.org.
> IN NS ns2.v6ns.org.
>
> ns1 IN AAAA 2a01:348:133::a1
> ns1 IN A 77.103.161.36
> ns2 IN AAAA 2a01:348:6:a1::2
This is NOT how it's configured in the Glue:
ns1.v6ns.org. 86400 IN A 77.103.161.36
ns2.v6ns.org. 86400 IN A 77.103.161.36
ns1.v6ns.org. 86400 IN AAAA 2a01:348:133::a1
ns2.v6ns.org. 86400 IN AAAA 2a01:348:6:a1::2
> Local lookups for ns1.v6ns.org (A and AAAA records) work fine, as they
> also do from Men&Mice's online Dig tool. So why not Kloth's?
Possibly because it's broken. It works fine here; results conform to
the zone you listed above.
> I can't help but feel it is given the lack of an IPv4 A record for
> ns2.v6ns.org - either as glue in .org or within my own v6ns.org
> zone. But
> should this matter? In the absence of an IPv4 A-record for the
> ns2.v6ns.org delegation in .org shouldn't their Dig attempt to
> connect to
> ns1.v6ns.org instead (yes, they are the same machine but noone else
> knows
> this but me... and you!)?
I'm not a DNS expert, but I think it should. However, currently there
IS a A-glue for ns2
Niobos
More information about the bind-users
mailing list