IPv6 support in the DNS

Similar documents
IPv6 Support in the DNS. Workshop Name Workshop Location, Date

IPv6 Support in the DNS

IPv6 Support in the DNS. Workshop Name Workshop Location, Date

IPv6 support in the DNS

DNS & IPv6. Agenda 4/14/2009. MENOG4, 8-9 April Raed Al-Fayez SaudiNIC CITC rfayez@citc.gov.sa, DNS & IPv6.

APNIC elearning: Reverse DNS for IPv4 and IPv6

DNS. Computer networks - Administration 1DV202. fredag 30 mars 12

Copyright

- Domain Name System -

IPv6 associated protocols. Piers O Hanlon

ECE 4321 Computer Networks. Network Programming

DNS : Domain Name System

Internet-Praktikum I Lab 3: DNS

Domain Name System :49:44 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

APNIC IPv6 Deployment

Motivation. Domain Name System (DNS) Flat Namespace. Hierarchical Namespace

DNS and BIND. David White

FAQ (Frequently Asked Questions)

An Introduction to the Domain Name System

Introduction to DNS CHAPTER 5. In This Chapter

Domain Name System (DNS) Fundamentals

Overview. Principles Creating reverse zones Setting up nameservers Reverse delegation procedures IPv6 Reverse DNS

Use Domain Name System and IP Version 6

Domain Name Server. Training Division National Informatics Centre New Delhi

How To Guide Edge Network Appliance How To Guide:

How-to: DNS Enumeration

DNS. The Root Name Servers. DNS Hierarchy. Computer System Security and Management SMD139. Root name server. .se name server. .

Understand Names Resolution

Domain Name System (DNS) Session-1: Fundamentals. Ayitey Bulley

HTG XROADS NETWORKS. Network Appliance How To Guide: DNS Delegation. How To Guide

The Domain Name System

The Root of the Matter: Hints or Slaves

DNS. Computer Networks. Seminar 12

Section 1 Overview Section 2 Home... 5

The Domain Name System

DNS Domain Name System

Domain Name System. CS 571 Fall , Kenneth L. Calvert University of Kentucky, USA All rights reserved

Configuring the BIND name server (named) Configuring the BIND resolver Constructing the name server database files

DNS Session 4: Delegation and reverse DNS. Joe Abley AfNOG 2006 workshop

HTG XROADS NETWORKS. Network Appliance How To Guide: EdgeDNS. How To Guide

netkit lab dns Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group Version Author(s)

Networking Domain Name System

Goal of this session

DNS zone transfers from FreeIPA to non-freeipa slave servers

Reverse DNS Delegations

Application Protocols in the TCP/IP Reference Model

Agenda. Network Services. Domain Names. Domain Name. Domain Names Domain Name System Internationalized Domain Names. Domain Names & DNS

Glossary of Technical Terms Related to IPv6

Hostnames. HOSTS.TXT was a bottleneck. Once there was HOSTS.TXT. CSCE515 Computer Network Programming. Hierarchical Organization of DNS

Application Protocols in the TCP/IP Reference Model. Application Protocols in the TCP/IP Reference Model. DNS - Concept. DNS - Domain Name System

Tunnel Client FAQ. Table of Contents. Version 0v5, November 2014 Revised: Kate Lance Author: Karl Auer

Campus IPv6 connection Campus IPv6 deployment

Basic DNS Course. Module 1. DNS Theory. Ron Aitchison ZYTRAX, Inc. Page 1 of 24

Using Webmin and Bind9 to Setup DNS Sever on Linux

DNS ActiveX Control for Microsoft Windows. Copyright Magneto Software All rights reserved

IPv6 and.hk. Jonathan Shea. HKIRC 23 November 2009

Domain Name System (DNS)

DNS Measurements, Monitoring & Quality Control

Distributed Systems. 09. Naming. Paul Krzyzanowski. Rutgers University. Fall 2015

Understanding DNS (the Domain Name System)

Services: DNS domain name system

3. The Domain Name Service

Introduction to the Domain Name System

Networking Domain Name System

Distributed Systems. 22. Naming Paul Krzyzanowski. Rutgers University. Fall 2013

DNS and Interface User Guide

THE DOMAIN NAME SYSTEM DNS

CS3250 Distributed Systems

Advanced DNS Course. Module 4. DNS Load Balancing

Root zone update for TLD managers Mexico City, Mexico March 2009

THE MASTER LIST OF DNS TERMINOLOGY. First Edition

Local DNS Attack Lab. 1 Lab Overview. 2 Lab Environment. SEED Labs Local DNS Attack Lab 1

Chapter 23 The Domain Name System (DNS)

Configuring DNS. Finding Feature Information

Domain Name System. 188lecture12.ppt. Pirkko Kuusela, Markus Peuhkuri, Jouni Karvo

Understanding DNS By Robert Sterler

NET0183 Networks and Communications

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

THE MASTER LIST OF DNS TERMINOLOGY. v 2.0

DNS based Load Balancing with Fault Tolerance

Internet Bodies.

Application Protocols in the TCP/IP Reference Model. Application Protocols in the TCP/IP Reference Model. DNS - Domain Name System

The Use of DNS Resource Records

Global Server Load Balancing (GSLB) Concepts

DNS Root NameServers

Enterprise Architecture Office Resource Document Design Note - Domain Name System (DNS)

DNS and DHCP. 14 October 2008 University of Reading

A versatile platform for DNS metrics with its application to IPv6

Introduction to Network Operating Systems

IPV6 Deployment Status for Higher Education Institutions' Website of Ministry of Education Malaysia

Domain Name Servers. Domain Types WWW host names. Internet Names. COMP476 Networked Computer Systems. Domain Name Servers

Creating a master/slave DNS server combination for your Grid Infrastructure

DNS - Domain Name System

mydnsipv6 Success Story

Lab - Observing DNS Resolution

IPV6 SERVICES DEPLOYMENT

Applications and Services. DNS (Domain Name System)

Simple DNS Configuration Example

The Domain Name System: An Integral Part of the Internet. By Keiko Ishioka

DNS. DNS Fundamentals. Goals of this lab: Prerequisites: LXB, NET

Transcription:

IPv6 support in the DNS János Mohácsi (mohacsi@niif.hu) Central Asia workshop,ashgabat

Copy... Rights This slide set is the ownership of the 6DISS project via its partners The Powerpoint version of this material may be reused and modified only with written authorization Using part of this material must mention 6DISS courtesy PDF files are available from www.6diss.org Looking for a contact? Mail to : martin.potts@martel-consulting.ch Or bernard.tuy@renater.fr

Contributions Main authors Miguel Baptista, FCCN, Portugal Carlos Friaças, FCCN, Portugal Laurent Toutain, ENST-Bretagne IRISA, France Bernard Tuy, Renater, France Contributors Octavio Medina, ENST-Bretagne, France Mohsen Souissi, AFNIC, France Vincent Levigneron, AFNIC, France Thomas Noel, LSIIT, France Alain Durand, Sun Microsystems, USA Alain Baudot, France Telecom R&D, France Bill Manning, ISI, USA David Kessens, Qwest, USA Pierre-Emmanuel Goiffon, Renater, France Jérôme Durand, Renater, France Mónica Domingues, FCCN, Portugal János Mohácsi, NIIF/hungarnet, Hungary

Prerequisites You must have followed previously the modules: 010-IPv6 Introduction 020-IPv6 Protocol 030-IPv6 Addressing 040-IPv6 Associated Protocols

Agenda How important is the DNS? DNS Resource Lookup DNS Extensions for IPv6 Lookups in an IPv6-aware DNS Tree About Required IPv6 Glue in DNS Zones The Two Approaches to the DNS DNS IPv6-capable software IPv6 DNS and root servers DNSv6 Operational Requirements & Recommendations

How important is the DNS? Getting the IP address of the remote endpoint is necessary for every communication between TCP/IP applications Humans are unable to memorize millions of IP addresses (specially IPv6 addresses) To a larger extent: the Domain Name System (DNS) provides applications with several types of resources (domain name servers, mail exchangers, reverse lookups, ) they need DNS design hierarchy distribution redundancy

DNS Lookup root Query foo.g6.asso.fr RR?. name server Query foo.g6.asso.fr RR? name server resolver Reply Refer to fr NS + glue Query foo.g6.asso.fr RR? Refer to asso.fr NS [+ glue] Query foo.g6.asso.fr RR? Refer to g6.asso.fr NS [+ glue] RR for foo.g6.asso.fr Query foo.g6.asso.fr RR? fr name server asso.fr name server g6.asso.fr name server fr de com asso inria abg afnic g6

DNS Extensions for IPv6 RFC 1886 RFC 3596 (upon successful interoperability tests) AAAA : forward lookup ( Name IPv6 Address ): Equivalent to A record Example: ns3.nic.fr. IN A 192.134.0.49 IN A A A A 2001:660:3006:1::1:1 PTR : reverse lookup ( IPv6 Address Name ): Reverse tree equivalent to in-addr.arpa New tree: ip6.arpa (under deployment) Former tree: ip6.int (deprecated) Example: $ORIGIN 1.0.0.0.6.0.0.3.0.6.6.0.1.0.0.2.ip6.arpa. 1.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0 PTR ns3.nic.fr.

Lookups in an IPv6-aware DNS Tree IP Address Name root Name IP Address arpa int com net fr in-addr ip6 ip6 itu apnic ripe nic 192 193 6.0.1.0.0.2 e.f.f.3 whois www ns3 0... 134... 255 0.6 0 4 192.134.0.49 49 6.0.0.3 ns3.nic.fr 2001:660:3006:1::1:1 192.134.0.49 49.0.134.192.in-addr.arpa. 1.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0 1.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.6.0.0.3.0.6.6.0.1.0.0.2.ip6.arpa 2001:660:3006:1::1:1 ns3.nic.fr

About Required IPv6 Glue in DNS Zones When the DNS zone is delegated to a DNS server (among others) contained in the zone itself Example: In zone file rennes.enst-bretagne.fr @ IN SOA rsm.rennes.enst-bretagne.fr. fradin.rennes.enst-bretagne.fr. (2005040201 ;serial 86400 ;refresh 3600 ;retry 3600000 ;expire} IN NS rsm IN NS univers.enst-bretagne.fr. [ ] ipv6 IN NS rhadamanthe.ipv6 IN NS ns3.nic.fr. IN NS rsm ; rhadamanthe.ipv6 IN A 192.108.119.134 IN AAAA 2001:660:7301:1::1 [ ] IPv4 glue (A 192.108.119.134 ) is required to reach rhadamanthe over IPv4 transport IPv6 glue (AAAA 2001:660:7301:1::1) is required to reach rhadamanthe over IPv6 transport

IPv6 DNS and root servers DNS root servers are critical resources! 13 roots «around» the world (#10 in the US) Not all the 13 servers already have IPv6 enabled and globally reachable via IPv6. Need for (mirror) root servers to be installed in other locations (EU, Asia, Africa, ) New technique : anycast DNS server To build a clone from the master/primary server Containing the same information (files) Using the same IP address Such anycast servers have already begun to be installed : F root server: Ottawa, Paris(Renater), Hongkong, Lisbon (FCCN) Look at http://www.root-servers.org for the complete and updated list.

The Two Approaches to the DNS The DNS seen as a Database Stores different types of Resource Records (RR): SOA, NS, A, AAAA, MX, SRV, PTR, DNS data is independent of the IP version (v4/v6) the DNS server is running on! The DNS seen as a TCP/IP application The service is accessible in either transport modes (UDP/TCP) and over either IP versions (v4/v6) Information given over both IP versions MUST BE CONSISTENT!

DNS IPv6-capable software BIND (Resolver & Server) http://www.isc.org/products/bind/ BIND 9 (avoid older versions) On Unix distributions Resolver Library (+ (adapted) BIND) NSD (authoritative server only) http://www.nlnetlabs.nl/nsd/ Microsoft Windows (Resolver & Server)...

DNSv6 Operational Requirements & Recommendations The target today IS NOT the transition from an IPv4-only to an IPv6-only environment How to get there? Start by testing DNSv6 on a small network and get your own conclusion that DNSv6 is harmless, but remember: The server (host)m ustsupportipv6 And DNS server softw are m ustsupportipv6 Deploy DNSv6 in an incremental fashion on existing networks DO NOT BREAK something that works fine (production IPv4 DNS)!

Questions?

EXTRA SLIDES

TLDs and IPv6 One of IANA s functions is the DNS top-level delegations Changes in TLDs (e.g cctlds) has to be approved and activated by IANA Introduction of IPv6-capable nameservers at cctlds level has to be made through IANA

TLDs and IPv6 #2 How many servers supporting a domain should carry AAAA records? Usually conservative approaches One or two servers Don t use long server names. 1024 bytes limit in DNS responses Some cctlds had to renamed their servers (same philosophy used by root servers)

TLDs and IPv6 #3 17/04/2005 4 TLDs (.AEROS,.NET,.COM,.INT) 42 cctlds European: About half already glued Servers: 35 different ones, worldwide

Bind 9 configuration/1 named.conf entries More than one listen-on-v6 option can be used: options { listen-on-v6 port 53 { any; }; listen-on-v6 port 1234 { any; }; }; In order the DNS server not to server IPv6 requests. (Before 9.2.0 now it is the default): options { listen-on-v6 { none; }; };

Bind9 configuration/2 Zone transfer: transfer-source-v6 1:2:3:4:5:6:7:8; Query over IPv6 enable: query-source-v6 address * 53; Don t forget to update ACLs for IPv6 addresses!

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information