Using an IPv6-only internal network in a real-world environment
Problem: Not all servers which are available on the IPv4 Internet have IPv6-connectivity
Step 2: Returning the local AAAA-record when a host only has an A-record
When I type 'www.google.com' in my browser, for which there is no AAAA-record, I
want my dns to return not only 216.239.39.101 but also fec0:0:0:ffff::216.239.39.101.
Again, I collected some links:
- totd, the Trick or Treat Daemon by Feico Dillema. Linux support added by - hey - Nathan Lutchansky
This seems to do exactly what I want, so I installed it. It now works like a charm :) - situation:
- powerdns listens on the external addresses (ipv4 and ipv6).
- totd listens on an internal address (ipv4, see below), and forwards to powerdns
- internal machines query mintzer on its internal address (ipv4, see below)
- totd always provides an AAAA-record, either an official one or a fec0:0:0:ffff::-prefixed ipv4 address
Totd is a DNS-proxy that asks another DNS server what to return, and adds a specified prefix to the ipv4-address to return an AAAA-record when none is normally available. Issues/considerations:
- bind9 currently cannot listen on specific interfaces (listen-on-v6 only supports 'any' and 'none'). This will be fixed in bind 9.3.
- to circumvent this, I installed powerdns on mintzer. Nice thingy.
- totd, also, only seems to support listening on all or none of the IPv6 IP's. For the time being, I set it to listen on the internal ipv4 address and no ipv6...
- another alternative would be to run totd on 5005, for example, and do the ip6tables-equivalent of 'iptables -t nat -A PREROUTING -p tcp --dport 53 -d <IP> -j REDIRECT --to-ports 5005'. (whatever that equivalent is... not sure it's possible)
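The address synthesis that totd performs (take the A-record, embed the 32-bit IPv4 address in the low bits of a /96 prefix, hand that back as an AAAA-record) is small enough to spell out. The following is an added example written for this page, not totd's own code: it implements the forward mapping, the reverse mapping a translator on that prefix has to perform, and totd's answer rule (a real AAAA-record wins, otherwise every A-record is translated). The zone data, the host names other than www.google.com and the function names are constructed for the example.

```python
import ipaddress

# The prefix the page configures totd with. Note that fec0::/10 is the
# site-local range, which was deprecated by RFC 3879; the standardized
# successor of this trick is DNS64 (RFC 6147) with the 64:ff9b::/96 prefix.
TOTD_PREFIX = "fec0:0:0:ffff::/96"


def synthesize_aaaa(ipv4, prefix=TOTD_PREFIX):
    """Embed an IPv4 address in the low 32 bits of a /96 IPv6 prefix,
    the way totd builds an AAAA answer for a name that only has an A record."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 96:
        # Only a /96 leaves exactly 32 bits for the IPv4 address.
        raise ValueError("prefix must be a /96 so the IPv4 address fits in the low 32 bits")
    v4 = ipaddress.IPv4Address(ipv4)
    # network_address has its low 32 bits clear, so OR-ing in the IPv4 address is safe.
    return ipaddress.IPv6Address(int(net.network_address) | int(v4))


def extract_ipv4(ipv6, prefix=TOTD_PREFIX):
    """Inverse mapping, as a translator on the prefix would do it: recover the
    IPv4 address from a synthesized AAAA, or None for a genuine IPv6 address."""
    net = ipaddress.IPv6Network(prefix)
    v6 = ipaddress.IPv6Address(ipv6)
    if v6 not in net:
        return None
    return ipaddress.IPv4Address(int(v6) & 0xFFFFFFFF)


def resolve_aaaa(name, zone, prefix=TOTD_PREFIX):
    """totd's rule for one name: an official AAAA record is returned as-is;
    otherwise each A record is translated; a name with neither gets an empty answer."""
    rrset = zone.get(name, {})
    official = rrset.get("AAAA", [])
    if official:
        return [ipaddress.IPv6Address(a) for a in official]
    return [synthesize_aaaa(a, prefix) for a in rrset.get("A", [])]


# Constructed sample answers standing in for what the upstream server
# (powerdns on the page) would return for each name.
SAMPLE_ZONE = {
    "www.google.com.": {"A": ["216.239.39.101"]},                      # A only: AAAA is synthesized
    "dual.example.": {"A": ["192.0.2.10"], "AAAA": ["2001:db8::10"]},  # official AAAA is kept
    "empty.example.": {},                                              # nothing to answer with
}

if __name__ == "__main__":
    for name in SAMPLE_ZONE:
        print(name, [str(a) for a in resolve_aaaa(name, SAMPLE_ZONE)])
```

The synthesized address is only useful if something on the internal network actually routes fec0:0:0:ffff::/96 towards a translator that undoes the mapping with extract_ipv4; a resolver that hands out such records without that path in place simply breaks IPv6-only clients for every IPv4-only host.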