[Pdns-users] Question on IPv6 with ldap backend
Nikolaos Milas
nmilas at admin.noa.gr
Sat Sep 18 16:25:26 UTC 2010

Waiting for a reply on this (ipv6 with ldap, tree mode), I decided to
test simple mode and I found the solution with it. I still believe that
the tree method would need a 34-level deep ldap structure (32 items for
ipv6 address plus ip6 plus arpa), which renders it totally unsuitable
for ipv6 use. *Norbert or someone who knows, please confirm or correct
me if I'm wrong!*

So, I converted to ldap simple mode by using zone2ldap, based on the
zone files from my BIND9 slave (dns2.example.com, 10.11.12.101, see below).

(Domain names and ip addresses are public, so they have been changed: we
assume domain example.com with Class-C subnet 10.11.12.0/24 and ipv6
zone: fe80:100:100:1::/64)

Here are the ipv4 reverse zone ldap entries:

dn: dc=12.11.10.in-addr.arpa,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
dc: 12.11.10.in-addr.arpa
nSRecord: dns.example.com
nSRecord: dns2.example.com
associatedDomain: 12.11.10.in-addr.arpa
sOARecord: dns.example.com sysadmin.example.com 2010051213 3600 180 604800 10800

dn: dc=100,dc=12.11.10.in-addr.arpa,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
dc: 100
associatedDomain: 100.12.11.10.in-addr.arpa
pTRRecord: dns.example.com

dn: dc=101,dc=12.11.10.in-addr.arpa,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
dc: 101
associatedDomain: 101.12.11.10.in-addr.arpa
pTRRecord: dns2.example.com

So, I added a zone for ipv6 reverse lookups, and it works:

dn: dc=1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
dc: 1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa
nSRecord: dns.example.com
nSRecord: dns2.example.com
associatedDomain: 1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa
sOARecord: dns.example.com sysadmin.example.com 2010091801 3600 180 604800 10800

dn: dc=0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0,dc=1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
dc: 0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0
associatedDomain: 0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa
pTRRecord: dns.example.com

dn: dc=1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0,dc=1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
dc: 1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0
associatedDomain: 1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa
pTRRecord: dns2.example.com

Finally, I simply added an AAAArecord attribute in the existing forward
records for the hosts concerned:

dn: dc=example.com,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
associatedDomain: example.com
dc: example.com
mXRecord: 10 mailgw.example.com
mXRecord: 100 mailgw2.example.com
nSRecord: dns.example.com
nSRecord: dns2.example.com
sOARecord: dns.example.com sysadmin.example.com 2010091801 900 180 3600 10800

dn: dc=dns,dc=example.com,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
aRecord: 10.11.12.100
aAAARecord: fe80:100:100:1::100
associatedDomain: dns.example.com
dc: dns

dn: dc=dns2,dc=example.com,ou=dns,dc=example,dc=com
objectClass: dNSDomain2
objectClass: domainRelatedObject
aRecord: 10.11.12.101
aAAARecord: fe80:100:100:1::101
associatedDomain: dns2.example.com
dc: dns2

Regards,
Nick
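
Added example, not part of the original post: a Python sketch that derives the simple-mode PTR entry for an IPv6 address in the layout shown above and checks that every AAAA record has a PTR pointing back to the same name. The function names (split_reverse, ptr_entry, missing_ptrs) are hypothetical, and a zone cut on a nibble boundary is assumed.

```python
import ipaddress

BASE_DN = "ou=dns,dc=example,dc=com"  # base DN used in the post

def split_reverse(addr, prefixlen=64):
    """Return (host labels, zone name) of the ip6.arpa name for addr."""
    if prefixlen % 4:
        raise ValueError("prefix must end on a nibble boundary")
    # reverse_pointer yields 32 nibble labels followed by ip6 and arpa
    labels = ipaddress.IPv6Address(addr).reverse_pointer.split(".")
    cut = (128 - prefixlen) // 4  # nibble labels below the zone cut
    return ".".join(labels[:cut]), ".".join(labels[cut:])

def ptr_entry(addr, target, prefixlen=64):
    """LDIF for one PTR record in the simple-mode layout shown in the post."""
    host, zone = split_reverse(addr, prefixlen)
    return "\n".join([
        f"dn: dc={host},dc={zone},{BASE_DN}",
        "objectClass: dNSDomain2",
        "objectClass: domainRelatedObject",
        f"dc: {host}",
        f"associatedDomain: {host}.{zone}",
        f"pTRRecord: {target}",
    ])

def missing_ptrs(forward, reverse):
    """Names whose AAAA address has no PTR pointing back to the same name.

    forward: {hostname: IPv6 address}; reverse: {ip6.arpa name: hostname}.
    """
    bad = []
    for name, addr in forward.items():
        rname = ipaddress.IPv6Address(addr).reverse_pointer
        if reverse.get(rname) != name:
            bad.append(name)
    return bad

# Forward AAAA and reverse PTR values copied from the entries in the post.
FORWARD = {"dns.example.com": "fe80:100:100:1::100",
           "dns2.example.com": "fe80:100:100:1::101"}
REVERSE = {
    "0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa": "dns.example.com",
    "1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.0.0.1.0.0.0.1.0.0.8.e.f.ip6.arpa": "dns2.example.com",
}

if __name__ == "__main__":
    print(ptr_entry("fe80:100:100:1::100", "dns.example.com"))
    print("missing PTRs:", missing_ptrs(FORWARD, REVERSE))
```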