On Sun, 2005-05-29 at 07:07 +0000, [EMAIL PROTECTED] wrote:
> Hello,
> 
> My users have asked me to add ipv6 support to my DNS server.  In order to
> test this, it is best if I have multiple loopback ipv6 addresses, so
> that I can run multiple instances of the DNS server.  Unlike ipv4,
> which has some 16 million loopback ip addresses, ipv6 only has one
> (I would think that, with ipv6's larger ip address space it would have
> even more loopback addresses than ipv4.  I guess I was wrong)

You are wrong indeed. Usually end sites will get a /48, which will give
you way more than enough address space for these kinds of things.

> Anyway, one loopback isn't enough for some of my testing.  That in mind,
> I have set up some other loopback addresses:
> 
>       ifconfig lo add fecf::1/128
>       ifconfig lo add fecf::2/128
>       ifconfig lo add fecf::3/128
>       ifconfig lo add fecf::4/128
> 
> etc.  My first question: Is there a way, with Linux' ifconfig, to say
> "I want all of the ipv6 addresses starting with fecf:0000:0000:etc.:00xx
> to be a loopback interface". 

On Linux everything bound to lo basically goes into /dev/null.

> My second question: Is using fecf the best prefix for this kind of testing?
> I know that RFC3879 has deprecated the use of these addresses for the
> ipv6 equivalent of NAT RFC1918 addresses (I think RFC3879 is a bad idea
> but that is another discussion), but I can't see any other reasonable
> way to get a bunch of localhost addresses, short of completely ignoring the
> specs and making up addresses.

If you don't understand the value of RFC3879 then you should re-read it
until you finally get it, or just try to merge two big company networks
together and enjoy the fun, then you will also value that RFC.

The alternative, going for proposed standard at the moment, is:
http://www.ietf.org/internet-drafts/draft-ietf-ipv6-unique-local-addr-09.txt

Thus if you have any need for completely local, unregistered, globally
unique, independent, unroutable address space, use that.
In other cases, just use a /64 from the /48 you get and firewall it off
properly.

> Oh: Is it possible to get an ISP with ipv6 connectivity in the US?  I am
> not able to send DNS queries to the ipv6 addresses of the root servers
> (2001:478:65::53, 2001:500::1035, 2001:500:1::803f:235, 2001:7fd::1
> and 2001:dc3::35) from my US DSL connection:
> 
> $ dig @2001:500::1035 www.google.com
> 
> ; <<>> DiG 8.4 <<>> @2001:500::1035 www.google.com 
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch no-nibble2
> ;; res_nsend: Connection refused

You might indeed want to start by getting IPv6 connectivity.
Try: www.hexago.com, www.tunnelbroker.net or if you have clue
www.occaid.org to get a tunnel and connectivity.
Also, root servers only know about the location of TLDs and nothing
else; asking one where google is will only point you to those boxes.

Greets,
 Jeroen

--

8<--------------------------
$ dig @2001:500::1035 www.google.com

; <<>> DiG 9.3.1 <<>> @2001:500::1035 www.google.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10855
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 14

;; QUESTION SECTION:
;www.google.com.                        IN      A

;; AUTHORITY SECTION:
com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
<SNIP>

;; Query time: 259 msec
;; SERVER: 2001:500::1035#53(2001:500::1035)
;; WHEN: Sun May 29 11:49:31 2005
;; MSG SIZE  rcvd: 504
-------------------------->8
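
The unique-local alternative recommended in the reply above, as an added example that is not part of the original message: it builds a locally assigned /48 under fd00::/8 (the draft's FC00::/7 with the L bit set) and prints `ifconfig lo add` lines in the form used in the question, without applying them. The function names are hypothetical, and the 40-bit Global ID is read from /dev/urandom as a substitute for the SHA-1 based derivation the draft suggests.

```shell
#!/bin/sh
# Added example: derive a Unique Local IPv6 /48 and print (not run) the
# commands that would place per-instance test addresses on lo.

# 40 random bits as 10 hex digits. Assumption: /dev/urandom replaces the
# draft's suggested SHA-1 over a timestamp and an EUI-64.
random_global_id() {
    od -An -N5 -tx1 /dev/urandom | tr -d ' \n'
}

# ula_prefix GLOBAL_ID -> "fdXX:XXXX:XXXX" (the /48 without "::/48").
# Returns non-zero unless GLOBAL_ID is exactly 10 hex digits.
ula_prefix() {
    gid=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    case "$gid" in
        *[!0-9a-f]*|"") return 1 ;;
    esac
    [ "${#gid}" -eq 10 ] || return 1
    a=$(printf '%s' "$gid" | cut -c1-2)
    b=$(printf '%s' "$gid" | cut -c3-6)
    c=$(printf '%s' "$gid" | cut -c7-10)
    printf 'fd%s:%s:%s\n' "$a" "$b" "$c"
}

# loopback_cmds PREFIX48 SUBNET_HEX COUNT -> one line per test instance,
# all taken from a single /64 (PREFIX48:SUBNET_HEX::/64) of the prefix.
loopback_cmds() {
    i=1
    while [ "$i" -le "$3" ]; do
        printf 'ifconfig lo add %s:%s::%x/128\n' "$1" "$2" "$i"
        i=$((i + 1))
    done
}

# Generate a fresh prefix once, record it, and reuse it on every test host
# so the addresses stay stable across runs.
new_gid=$(random_global_id)
prefix=$(ula_prefix "$new_gid") && loopback_cmds "$prefix" 1 4
```

Review the printed lines and run them as root to bind one DNS server instance per address.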
