How to generate authoritative DNS64 reverse zone
Aleksi Suhonen
bind-users-2017 at ssd.axu.tm
Mon May 22 08:42:43 UTC 2017
Hi,
On 05/20/2017 01:48 AM, Mark Andrews wrote:
> In message <57bf558b-f4eb-f2e4-c27c-9447ff4dd8c1 at axu.tm>, Aleksi Suhonen writes:
>> So how do I configure Bind9 to generate one authoritative DNS64 reverse
>> zone that contains CNAMEs to in-addr.arpa, but otherwise not mess with
>> anything?
> You should delegate
> 1.0.0.0.0.0.0.0.2.3.B.D.0.B.2.0.C.7.6.0.1.0.0.2.IP6.ARPA normally.
> This will let everyone in the world find the CNAME records. This
> should be done even if you are just doing it for your recursive
> clients.
I created the delegation, tried the below config and created an empty
zone file for the above delegation. Rndc reconfig gave the following error:
22-May-2017 07:58:13.534 general: error: reloading configuration failed:
already exists
This was the entirety of the error message.
> If you don't want A to AAAA mappings to happen then turn off the
> DNS64 mapping for everyone on the server.
> dns64 2001:67c:2b0:db32:0:1::/96 {
> clients { none; }
> };
When I removed the empty master zone, the error message went away. So it
seems that the dns64 declaration implicitly creates a new zone in Bind.
Makes sense. This could be added to documentation?
I think the above error message should also be improved, as it gave no
indication as to *what* exists already. I could have saved about an hour
of wondering what the hell is wrong with my config change, if the error
message was a bit more wordy. :-)
In hind sight, I guess I could have turned on debugging and seen what
messages would be generated then, but I suspect there would have been
too many messages for me to process.
Anyway, thanks for the help.
--
Aleksi Suhonen / Axu TM Oy
Internetworking Consulting
Cellular: +358 44 975 6548
World Wide Web: www.axu.tm
More information about the bind-users
mailing list