IPv6 PTR Records

Chris Buxton clists at buxtonfamily.us
Mon Mar 10 16:23:22 UTC 2014


On Mar 10, 2014, at 8:28 AM, Maechler Philippe <pmaechler-ml at glattnet.ch> wrote:
> Let's assume that we have a /32 IPv6 subnet for our needs and that we only publish PTR records where they are needed like for mail servers and maybe DNS and web servers.
>  
>  
> Our Network is: 2001:db8::/32
> This would give us a Zone named 8.b.d.0.1.0.0.2.ip6.arpa

You could do that, or you could create one reverse zone per /64, or break it at any label you like.

> Our DNS has the ip 2001:db8:193:192::20/64 and the other one has 2001:db8:193:193::20/64
>  
> 1) Would you create an entry in 8.b.d.0.1.0.0.2.ip6.arpa like:
>  
> 20.2.9.1.0.3.9.1.0      IN A  dns1.example.org.
> 20.3.9.1.0.3.9.1.0      IN A  dns2.example.org.

The correct answer is:

$ORIGIN 8.b.d.0.1.0.0.2.ip6.arpa.
0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.9.1.0.3.9.1.0 PTR dns1.example.com.
0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.9.1.0.3.9.1.0 PTR dns2.example.com.

Again, you can delegate subzones at any arbitrary label.

> 2) In the near future we will have a lot more entries in the reverse Zone and, so I guess, some parts of it will be delegated to other servers. When would you start delegating parts of Zone 8.b.d.0.1.0.0.2.ip6.arpa into other Zone-Files?
> How far down the tree would you go for the delegation?

Personally, I would create a reverse zone for each /64 subnet.

> 3) Will a recursive resolver have problems if I only have a SOA for 8.b.d.0.1.0.0.2.ip6.arpa and no SOA for the zones below like 1.0.3.9.1.0.8.b.d.0.1.0.0.2.ip6.arpa?

There's a difference between zones and domains. A zone is equal to a domain minus any delegated subzones. You are permitted to delegate a subzone several labels down the tree from its parent zone. In other words, it's perfectly legitimate to have a zone at the /32 level and then child zones at the /64 level, with no delegated subzones in between (at the /36, /40, /44, etc. levels).

> The reason I ask is:
> We had generic A records for our IPv4 space: dynamic.001-002.003-004.catv.example.org IN A 1.2.3.4 and some mailservers complained that there was no zone for 001-002.003-004.catv.example.org. nor 003-0004.catv.example.org. and no entry for catv.example.org. (we only had the example.org Zone with a host dynamic.001-002.003-004.catv)

That's a different question, for the names of your A records. I don't know why a mail server would complain about this, but perhaps others with recent mail server admin experience can comment here.

Regards,
Chris Buxton
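
Added example, not part of the original message: a Python sketch that derives the ip6.arpa zone name for a nibble-aligned prefix and the PTR owner name relative to that zone's $ORIGIN, for both the /32 zone and a per-/64 zone discussed above. The function names (reverse_zone, ptr_owner, ptr_lines) are hypothetical; the addresses and host names are the ones from the question.

```python
import ipaddress

def reverse_zone(prefix: str) -> str:
    """ip6.arpa zone name for a prefix that ends on a nibble (4-bit) boundary."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen % 4:
        raise ValueError("prefix length must be a multiple of 4 to map to a label")
    # One label per hex digit of the prefix, least significant digit first.
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(list(reversed(nibbles)) + ["ip6", "arpa", ""])

def ptr_owner(address: str, zone_prefix: str) -> str:
    """Owner name of the PTR record, relative to the zone's $ORIGIN."""
    addr = ipaddress.IPv6Address(address)
    if addr not in ipaddress.IPv6Network(zone_prefix):
        raise ValueError(f"{address} is not inside {zone_prefix}")
    full = addr.reverse_pointer + "."           # all 32 nibbles + ip6.arpa.
    origin = reverse_zone(zone_prefix)
    relative = full[: -(len(origin) + 1)]       # drop ".<origin>"
    return relative or "@"                      # a /128 zone is the apex itself

def ptr_lines(zone_prefix: str, hosts: dict) -> list:
    """Zone-file lines ($ORIGIN plus one PTR per host) for the given zone."""
    lines = [f"$ORIGIN {reverse_zone(zone_prefix)}"]
    for address, name in hosts.items():
        lines.append(f"{ptr_owner(address, zone_prefix)} PTR {name}")
    return lines

if __name__ == "__main__":
    # Addresses and names taken from the question in this thread.
    dns1 = {"2001:db8:193:192::20": "dns1.example.org."}
    dns2 = {"2001:db8:193:193::20": "dns2.example.org."}
    # Single zone at the /32: 24 labels to the left of the origin.
    print("\n".join(ptr_lines("2001:db8::/32", {**dns1, **dns2})))
    # One zone per /64: 16 labels to the left of each origin.
    print("\n".join(ptr_lines("2001:db8:193:192::/64", dns1)))
    print("\n".join(ptr_lines("2001:db8:193:193::/64", dns2)))
```
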

