DNS64 & nslookup
Rick Tillery
rtillerywork at gmail.com
Wed Apr 11 22:09:20 UTC 2018
I appear to have my NAT64+DN64 IPv6 -> IPv4 network configured correctly,
as I can access IPv4 only Internet sites, e.g. from my browser. But some
tools don't seem to work the way I think they should.
One example is nslookup. If do nslookup ipv4.google.com, I get:
$ nslookup ipv4.google.com
Server: 2001:4:1f:98::2
Address: 2001:4:1f:98::2#53
Non-authoritative answer:
ipv4.google.com canonical name = ipv4.l.google.com.
Name: ipv4.l.google.com
Address: 216.58.218.110
Shouldn't the address (last line) be an IPv6 address (prefixed IPv4
address, created by NAT64, such as 64:ff9b::216.58.218.110)?
Here is my network configuration, set up with only IPv6 (DHCP address):
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 6556 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP qlen 1000
link/ether XX:XX:XX:XX:XX:XX brd ff:ff:ff:ff:ff:ff
inet6 2001:4:1f:98::1b1/128 scope global dynamic
valid_lft 4663sec preferred_lft 1963sec
inet6 fe80::XXXX:XXXX:XXXX:XXXX/64 scope link
valid_lft forever preferred_lft forever
Here is the named.conf.options file:
options {
directory "/var/cache/bind";
auth-nxdomain no;
listen-on-v6 { any; };
allow-query { any; };
dns64 64::ff9b::/96 {
clients { any; };
exclude { ::/0; };
};
};
Is the nslookup output correct? And if not, is this why tools like ping,
used with a URL, can't resolve the host without being explicitly told (i.e.
with ping -6 or ping6) that the target is IPv6?
Rick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180411/e48310d2/attachment.html>
More information about the bind-users
mailing list