Home

Building a Linux IPv6 DNS Server

Issue 114

From Issue #114
October 2003

Apr 12, 2006  By David Gordon and Ibrahim Haddad
 in
A tutorial on building a DNS server node that provides IPv6 name resolution, with examples of some useful IPv6 applications.
Sample Server Applications Using IPv6

In our IPv6 network, we presented two application servers: Apache as a Web server and VideoLan for video streaming. To test IPv6 name resolution when streaming a video, a user on client node pc5 accesses the video-streaming server on pc3. The video server is on pc3 (fec0::1:250:b7ff:fe14:5768), and the video client is on pc5 (fec0::1:250:b7ff:fe50:7c). Sniffing the network communications on pc5 with tcpdump, we captured packets from the video stream. Here is a portion of the trace: 


% tcpdump ip6    # only trace IPv6 traffic, must be run as root or setuid root
[snip...]
02:09:26.716040 fec0::1:250:b7ff:fe14:5768.32769 > fec0::1:250:b7ff:fe50:7c.1234: udp 1316
02:09:26.735805 fec0::1:250:b7ff:fe14:5768.32769 > fec0::1:250:b7ff:fe50:7c.1234: udp 1316
02:09:26.735971 fec0::1:250:b7ff:fe14:5768.32769 > fec0::1:250:b7ff:fe50:7c.1234: udp 1316
02:09:26.736082 fec0::1:250:b7ff:fe14:5768.32769 > fec0::1:250:b7ff:fe50:7c.1234: udp 1316
02:09:26.755810 fec0::1:250:b7ff:fe14:5768.32769 > fec0::1:250:b7ff:fe50:7c.1234: udp 1316
02:09:26.755935 fec0::1:250:b7ff:fe14:5768.32769 > fec0::1:250:b7ff:fe50:7c.1234: udp 1316
02:09:26.775787 fec0::1:250:b7ff:fe14:5768.32769 > fec0::1:250:b7ff:fe50:7c.1234: udp 1316

The video is displayed properly using X11 output on a Linux X server; Figure 2 shows a capture from the stream.

Figure 2. The Output Stream of IPv6 Video

Conclusion

IPv6 is becoming a reality. For the next few years, we will need to be able to support both IPv4 and IPv6 on our servers before the complete transition to IPv6 occurs. We need different pieces of the puzzle to achieve a full migration to IPv6, and one essential piece is an IPv6-compliant BIND implementation.

Acknowledgements

Ericsson Research Corporate Unit for approving the publication of this article. Open Systems Lab for supporting our work with Linux and IPv6. Simon Jubinville, Open Systems Lab, for his reviews.

Resources

BIND: www.isc.org/products/BIND/BIND9.html

BIND Manual: www.crt.se/dnssec/bind9/Bv9ARM.html

Comparison of AAAA and A6: www.ietf.org/proceedings/02mar/I-D/draft-ietf-dnsext-aaaa-a6-01.txt

DNSSEC: www.ietf.org/rfc/rfc2535.txt

DNSSEC and IPv6 A6: ftp.rfc-editor.org/in-notes/rfc3226.txt

DNSSEC Signing Authority: ftp.rfc-editor.org/in-notes/rfc3008.txt

IPv6 HOWTO: www.bieringer.de/linux/IPv6/IPv6-HOWTO/IPv6-HOWTO.html

IPv6 Linux Implementations: /article/5468

IPv6 Support for DNS: www.ietf.org/rfc/rfc2874.txt

IP Version 6 Addressing Architecture: www.rfc-editor.org/rfc/rfc2373.txt

Linux Kernel: www.kernel.org

“Supporting IPv6 on a Linux Server Node” by Hbrahim Haddad and Marc Blanchet, LJ, August 2002: /article/4763

David Gordon (David.Gordon@Ericsson.ca) is a computer science intern at Ericsson Research—Open Systems Lab. He is completing his undergraduate studies in Computer Science at Sherbrooke University. His research interests include security, next-generation IP networks and wireless technologies.

Ibrahim Haddad (Ibrahim.Haddad@Ericsson.com) is a researcher at the Ericsson Corporate Unit of Research in Montréal, Canada, involved with the system architecture of third-generation wireless IP networks.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

good overview

Anonymous's picture
Submitted by Anonymous on Thu, 02/25/2010 - 11:53.

I think this has helped me understanding how to set
up my ipv6 (only) network. The sytax's are good examples
thanks

Problems with IPv6 DNS files

KenS's picture
Submitted by KenS (not verified) on Thu, 06/01/2006 - 04:11.

This article is interesting. Unfortunately, when I tried to apply the article, I encountered multiple typos in the listing files, which wasted a lot of time. For instance, Listing 1 is missing the closing }; for the options. Listings 3-6 use double-slash comments, which are errors in zone files. The zones "secv6.int" and "secv6.arpa" don't make sense. The lines that start with "IN" are missing significant whitespace. Eventually I gave up on these listings.

Webcast
More Resources
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers

Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.

Learn More

Sponsored by AMD

White Paper
More Resources
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy

Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6

Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.

Learn more about catching the bad guy in this free white paper.

Learn More

Sponsored by DLT Solutions