Hallo,
I tried to test my new DNS-Setup and my hidden primary for my DNS Clusters is IPv6 only. Is there any reason zone transfers to hidden primary/secondary name servers only work over IPv4?
Sincerely Gabriele
1 Like
I think I have run into a similar question as you…
I’ve been setting up miab and have the box mostly up and running (waiting for DNS to propagate) and have a question on using ipv6 with the secondary nameserver option. I’m using Linode’s Slave DNS service and they require notification and acceptance of AXFR on a set of IPs (IPv4 and v6) in addition to the standard nameservers (ns1-5.linode.com; see https://www.linode.com/docs/networking/dns/dns-manager-overview).
I typed the Linode NS’s into the secondary nameserver Hostname field and also added the xfr:IPs for the additional hosts that Linode requires. I included both the IPv4 and IPv6 addresses, but miab responded that non-IPv4 addresses were in the list and errored out. I removed the IPv6 addresses and everything worked fine.
I don’t believe this will be a problem for the vast majority of dual-stack configs, but would it be a problem for an IPv6-only environment?
I did some debug and manually added the IPv6 addresses to /etc/nsd/zones.conf with no apparent ill effects (I also noticed that the NS entries were IPv4 only as well).
Two questions:
- should we be able to add IPv6 addresses into the Secondary Nameserver field?
- what’s the downside risk to blocking IPv6 for the “notify:” and “provide-xfr:” directives in zones.conf for dual-stack environments?
1 Like
This topic was automatically closed after 61 days. New replies are no longer allowed.