I am running into some problems getting bind properly configured to support IPV6 hosts. IPv4 is working fine, no issues.

My zone file has both IP4 and IP6 data intermingled which I believe should not be a problem.

My zone file looks like this:

@   IN  SOA     ns1.test.net. root.test.net. (
        2015072804  ;Serial
        3600        ;Refresh
        1800        ;Retry
        1209600     ;Expire
        86400       ;Minimum TTL
; Specify our three nameservers
        IN      NS              ns1.test.net.
        IN      NS              ns2.test.net.
        IN      NS              ns3.test.net.

; Mail Service
                MX              10      ns1.test.net.
                MX              20      ns2.test.net.
                MX              30      ns3.test.net.

mx2             MX              10      mx1.test2.com.

; IP4/6 A Records
ns1     A
        AAAA    xxxx:3c02::f03c:91ff:fe89:xxxx
ns2     A
        AAAA    xxxx:7e00::f03c:91ff:fe89:xxxx
ns3     A
        AAAA    xxxx:8900::f03c:91ff:fe89:xxxx

www     CNAME           ns1.test.net.

; Sender Policy Framework
test.net.             IN TXT "v=spf1 a mx ~all"
test.net.             IN SPF "v=spf1 a mx ~all"

default._domainkey      IN      TXT     ( "v=DKIM1; k=rsa; "
          "p=MIGfMA0GCSqGSIb2DQEBAQUA84G7ADCBiQKBgQDYWUo9KVq1FlkaXyBGTg0fE/APYHiXRIgFeTukmVBo3Bk+Frv/aHzOvbk/vavnyofqCi3Z5sUZy7XgZakbx2SiBCzGqVrEyhe/nsFR9uajpFw5yM33d6nk0XG+Wg4D79PeU0bs1KIrRoyem9CXuGhBv6J0gQsfrcg23U3x2qjBbwIDAQAB" )
$INCLUDE /var/named/Ktest.net.+007+13232.key
$INCLUDE /var/named/Ktest.net.+007+53265.key

Now for some reason only NS2 resolves correctly with "host -t AAAA ns2" both NS1 and NS3 come back with "ns1.test.net has no AAAA record". It seems odd the ns2, in the middle, works but the others do not.

Also my digging into the logs kicked up a couple other items I am not sure are related.

Specifically the two SPF lines and the two DNS SEC key links kick up an "out of zone" error. I assume that is normal and not a problem but it would be good to check.

Any help you can provide is much appreciated.

  • 43
  • 3
  • 1
    Are you sure your zone is being included as `test.net`? The fact that it BIND is suggesting `test.net.` is outside the zone is a bit surprising, although it is a FQDN in a file where all the other names are relative. – Zanchey Jul 29 '15 at 02:22
  • Yes it is proper loaded and all ipv4 entries are working without issue. It is only the SPF and DNSSEC entries which trigger the zone warning. Bother SPF and DNSSEC are tested and working. – David Jul 29 '15 at 02:38
  • what is your config for `test.net`? – Rick Buford Jul 29 '15 at 12:13

0 Answers0