Is an IPv6-only glue/delegation record a problem in a world of IPv4?

Mathew J. Newton bind-users at newtonnet.co.uk
Mon Jan 11 17:29:58 UTC 2010 

I would be grateful if someone might be able to shed some light on an
apparent problem I've got with an experimental DNS I have setup.

Specifically, the Dig tool at http://www.kloth.net/services/dig.php seems
unable to resolve my records and I can't help but feel it's a problem at
my end rather than theirs!

The domain is v6ns.org, and the record I am attempting to query for is
ns1.v6ns.org - here's what the Kloth Dig tool gets:

[dig 'ns1.v6ns.org' 'A' +trace]

 dig: couldn't get address for 'ns1.v6ns.org': failure

 ; <<>> DiG 9.3.2 <<>> ns1.v6ns.org A +trace
 ;; global options:  printcmd
 .			301721	IN	NS	I.ROOT-SERVERS.NET.
 .			301721	IN	NS	J.ROOT-SERVERS.NET.
 .			301721	IN	NS	K.ROOT-SERVERS.NET.
 .			301721	IN	NS	L.ROOT-SERVERS.NET.
 .			301721	IN	NS	M.ROOT-SERVERS.NET.
 .			301721	IN	NS	A.ROOT-SERVERS.NET.
 .			301721	IN	NS	B.ROOT-SERVERS.NET.
 .			301721	IN	NS	C.ROOT-SERVERS.NET.
 .			301721	IN	NS	D.ROOT-SERVERS.NET.
 .			301721	IN	NS	E.ROOT-SERVERS.NET.
 .			301721	IN	NS	F.ROOT-SERVERS.NET.
 .			301721	IN	NS	G.ROOT-SERVERS.NET.
 .			301721	IN	NS	H.ROOT-SERVERS.NET.
 ;; Received 228 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

 org.			172800	IN	NS	A2.ORG.AFILIAS-NST.INFO.
 org.			172800	IN	NS	A0.ORG.AFILIAS-NST.INFO.
 org.			172800	IN	NS	D0.ORG.AFILIAS-NST.org.
 org.			172800	IN	NS	C0.ORG.AFILIAS-NST.INFO.
 org.			172800	IN	NS	B0.ORG.AFILIAS-NST.org.
 org.			172800	IN	NS	B2.ORG.AFILIAS-NST.org.
 ;; Received 432 bytes from 192.36.148.17#53(I.ROOT-SERVERS.NET) in 8 ms

 v6ns.org.		86400	IN	NS	ns1.v6ns.org.
 v6ns.org.		86400	IN	NS	ns2.v6ns.org.
 ;; Received 150 bytes from 199.249.112.1#53(A2.ORG.AFILIAS-NST.INFO) in 4 ms

I set the domain up to experiment with IPv6, which could be why I've got a
problem...

I have a single DNS server with a IPv4 address and two IPv6 addresses. The
zone file is as follows:

$ORIGIN v6ns.org.
$TTL    300
@       IN      SOA     ns1.v6ns.org. dns.newtonnet.co.uk. (
                        2010012000      ; Serial
                        14400           ; Refresh
                        7200            ; Retry
                        950400          ; Expire
                        300 )           ; Negative Cache TTL

        IN      NS      ns1.v6ns.org.
        IN      NS      ns2.v6ns.org.

ns1     IN      AAAA    2a01:348:133::a1
ns1     IN      A       77.103.161.36
ns2     IN      AAAA    2a01:348:6:a1::2

The same delegation records are present as glue in the .org nameservers.

Local lookups for ns1.v6ns.org (A and AAAA records) work fine, as they
also do from Men&Mice's online Dig tool. So why not Kloth's?

I can't help but feel it is given the lack of an IPv4 A record for
ns2.v6ns.org - either as glue in .org or within my own v6ns.org zone. But
should this matter? In the absence of an IPv4 A-record for the
ns2.v6ns.org delegation in .org shouldn't their Dig attempt to connect to
ns1.v6ns.org instead (yes, they are the same machine but noone else knows
this but me... and you!)?

I would be grateful for any assistance, and would be more than happy to
provide further details if the above is insufficient.

Mathew

More information about the bind-users mailing list