DNS64 & nslookup

Rick Tillery rtillerywork at gmail.com
Wed Apr 11 22:09:20 UTC 2018

I appear to have my NAT64+DN64 IPv6 -> IPv4 network configured correctly,
as I can access IPv4 only Internet sites, e.g. from my browser.  But some
tools don't seem to work the way I think they should.

One example is nslookup.  If do nslookup ipv4.google.com, I get:

$ nslookup ipv4.google.com
Server:         2001:4:1f:98::2
Address:        2001:4:1f:98::2#53

Non-authoritative answer:
ipv4.google.com canonical name = ipv4.l.google.com.
Name:   ipv4.l.google.com

Shouldn't the address (last line) be an IPv6 address (prefixed IPv4
address, created by NAT64, such as 64:ff9b::

Here is my network configuration, set up with only IPv6 (DHCP address):

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 6556 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP qlen 1000
    link/ether XX:XX:XX:XX:XX:XX brd ff:ff:ff:ff:ff:ff
    inet6 2001:4:1f:98::1b1/128 scope global dynamic
       valid_lft 4663sec preferred_lft 1963sec
    inet6 fe80::XXXX:XXXX:XXXX:XXXX/64 scope link
       valid_lft forever preferred_lft forever

Here is the named.conf.options file:

options {
directory "/var/cache/bind";
auth-nxdomain no;
listen-on-v6 { any; };
allow-query { any; };
dns64 64::ff9b::/96 {
clients { any; };
exclude { ::/0; };

Is the nslookup output correct?  And if not, is this why tools like ping,
used with a URL, can't resolve the host without being explicitly told (i.e.
with ping -6 or ping6) that the target is IPv6?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180411/e48310d2/attachment.html>

More information about the bind-users mailing list