|
HP OpenVMS systems documentation |
Previous | Contents | Index |
The information in this chapter is for experienced DNS/BIND
administrators. See the HP TCP/IP Services for OpenVMS Management manual for more information on
BIND.
3.1 IPv6 Support in BIND Version 9
BIND supports all forms of IPv6 name-to-address and address-to-name lookups. It can also accept queries over an IPv6 (AF_INET6) connection and use IPv6 addresses to make queries when running on an IPv6-capable system.
The BIND resolver has not yet been ported to communicate over IPv6 connections. Using getaddrinfo () and getnameinfo () calls, IPv6 applications are able to retrieve IPv6 address information contained in AAAA and PTR records over an IPv4 transport until the BIND resolver is ported to IPv6. |
For name-to-address lookups, using AAAA records is recommended because A6 records have been moved to experimental status. Like most stub resolvers, the resolver in TCP/IP Services supports only AAAA lookups because of the difficulty in following A6 chains. The AAAA record for IPv6 is analogous to the A record for IPv4. It specifies an entire address in a single record. For example,
$ORIGIN ipv6.my.zone. host1 IN AAAA 5f00:0000:0102:0300:0203:0800:2b0a:0b0c |
For address-to-name lookups, the nibble format is recommended because use of the bitstring format has been moved to experimental status. Use of the ip6.arpa IPv6 reverse mapping zone defined in RFC 3152 is recommended because the ip6.int IPv6 address space defined in RFC 1886 has been deprecated and will likely be phased out in the future.
As in IPv4, when looking up an address in nibble format, the address components are simply reversed and ip6.arpa. is appended to the resulting name. For example, the following would provide reverse lookup for a host with the address 5f00:0000:0102:0300:0203:0800:2b0d:0e0f:
$ORIGIN 3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.ip6.arpa. f.0.e.0.d.0.b.2.0.0.8.0 IN PTR host2.ipv6.my.zone. |
The deprecation of the ip6.int IPv6 reverse mapping zone has resulted in an issue for existing clients that will continue to search the ip6.int name space for PTR resource records. Administrators will need to continue to provide PTR data under both of these zones to be compatible with both old and new clients. There is a convenient method using DNAME resource records that can ease administration of this data. The DNAME resource record is used to substitute one suffix of a domain name with another. In this case it will substitute your ip6.int zone suffix with the equivalent ip6.arpa zone suffix. For example, the following DNAME resource record accomplishes the substitution:
$ORIGIN 3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.ip6.int. DNAME 3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.ip6.arpa. |
This approach will work for any point in the name space as long as all
authoritative servers for the PTR zone fully implement DNAME resource
record behavior as specified in RFC 2672. This includes BIND9 servers
but excludes BIND8 servers.
3.1.4 Enabling IPv6 Interfaces
For IPv6, the BIND server does not bind a separate socket to each interface address as it does for IPv4. Instead, it listens on the IPv6 wildcard address, which is not enabled by default. You must use the listen-on-v6 option to specify the ports on which the server will listen for incoming queries sent using IPv6. To enable the BIND server to answer IPv6 queries, you must specify the port in the options statement of the BIND server configuration file. The only values allowed for the option are { any; } and { none; }. For example, to listen on the default port 53 specify the following:
listen-on-v6 { any; }; |
To listen on port 1234, specify the following:
listen-on-v6 port 1234 { any; }; |
If you do not specify the
listen-on-v6
option, the BIND server will not listen on any IPv6 interfaces.
3.2 Sample BIND Configuration Files
The SYS$COMMON:[SYSHLP.EXAMPLES.TCPIP.IPV6.BIND] directory contains DNS configuration and data files that show sample IPv6 information for you to study and adapt to your environment.
Example 3-1 shows a sample BIND Server configuration file. This file is the mechanism used by BIND for pointing the server to its zone data files.
Example 3-1 Sample TCPIP$BIND.CONF_IPV6 |
---|
# # File name: TCPIP$BIND.CONF_IPV6 # Product: hp TCP/IP Services for OpenVMS # Version: V5.4-00 # # © Copyright 1976, 2003 Hewlett-Packard Development Company, L.P. # # # Example IPv6 BIND server configuration # options { directory "sys$specific:[tcpip$bind]"; # # (listen-on-v6 is for BIND 9 and later) # Unless this option is specified, the server # does not listen on any IPv6 addresses. # Use: listen-on-v6 { any; }; # }; zone "ipv6.my.zone" { type master; file "ipv6.db"; }; zone "3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.IP6.ARPA" { type master; file "ipv6.arpa"; }; zone "3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.IP6.INT" { type master; file "ipv6.int"; }; zone "0.0.127.in-addr.arpa" { type master; file "127_0_0.db"; }; zone "localhost" in { type master; file "localhost.db"; }; zone "." { type hint; file "root.hint"; }; |
Example 3-2 shows the forward mapping data file for the ipv6.my.zone zone. Note that both AAAA resource records (IPv6) and A resource records (IPv4) can be included in a zone. Administrators may wish to delegate a separate zone containing only IPv6 resource records for convenience.
Example 3-2 Sample IPV6.DB File |
---|
; ; File name: IPV6.DB ; Product: hp TCP/IP Services for OpenVMS ; Version: V5.4-00 ; ; © Copyright 1976, 2003 Hewlett-Packard Development Company, L.P. ; ; ; Example BIND data file for ipv6.my.zone ; $TTL 1d @ IN SOA ns.ipv6.my.zone. postmaster.ipv6.my.zone. ( 1 ; Serial 3600 ; Refresh 300 ; Retry 3600000 ; Expire 3600 ) ; Minimum ; ; Nameservers ; IN NS ns.ipv6.my.zone. IN NS ns.ipv4.my.zone. ; ; IPv6 nodes ; host1 IN AAAA 5F00:0000:0102:0300:0203:0800:2B0A:0B0C host2 IN AAAA 5F00:0000:0102:0300:0203:0800:2B0D:0E0F ; ; IPv4 and IPv6 nodes ; host3 IN AAAA 5F00:0000:0102:0300:0203:0800:2B0C:0B0A IN A 10.20.30.40 host4 IN A 10.30.40.50 |
Example 3-3 shows the reverse mapping data file for the 3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.ip6.arpa zone.
Example 3-3 Sample IPV6.ARPA File |
---|
; ; File name: IPV6.ARPA ; Product: hp TCP/IP Services for OpenVMS ; Version: V5.4-00 ; ; © Copyright 1976, 2003 Hewlett-Packard Development Company, L.P. ; ; ; Example BIND data file for 3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.IP6.ARPA ; (corresponds to the 5F00:0000:0102:0300:0203::/80 prefix) ; $TTL 1d @ IN SOA ns.ipv6.my.zone. postmaster.ipv6.my.zone. ( 1 ; Serial 3600 ; Refresh 300 ; Retry 3600000 ; Expire 3600 ) ; Minimum ; ; Nameservers ; IN NS ns.ipv6.my.zone. IN NS ns.ipv4.my.zone. ; ; IPv6 nodes ; c.0.b.0.a.0.b.2.0.0.8.0 IN PTR host1.ipv6.my.zone. f.0.e.0.d.0.b.2.0.0.8.0 IN PTR host2.ipv6.my.zone. a.0.b.0.c.0.b.2.0.0.8.0 IN PTR host3.ipv6.my.zone. |
Example 3-4 shows a sample IPV6.INT data file containing the single DNAME resource record that accomplishes the ip6.int renaming as discussed in Section 3.1.3.
Any data added to the ip6.arpa name space in the IPV6.ARPA zone data file will now also be available in the ip6.int name space. No changes need to be made to the IPV6.INT zone data file. The IPV6.INT and IPV6.ARPA zone statements in the BIND server configuration file are the same as those in Example 3-1.
Example 3-4 Sample IPV6.INT File |
---|
; ; File name: IPV6.INT ; Product: hp TCP/IP Services for OpenVMS ; Version: V5.4-00 ; ; © Copyright 1976, 2003 Hewlett-Packard Development Company, L.P. ; ; ; Example BIND data file for 3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.IP6.INT ; (corresponds to the 5F00:0000:0102:0300:0203::/80 prefix) ; $TTL 1d @ IN SOA ns.ipv6.my.zone. postmaster.ipv6.my.zone. ( 1 ; Serial 3600 ; Refresh 300 ; Retry 3600000 ; Expire 3600 ) ; Minimum ; ; Nameservers ; IN NS ns.ipv6.my.zone. IN NS ns.ipv4.my.zone. ; ; DNAME record ; DNAME 3.0.2.0.0.0.3.0.2.0.1.0.0.0.0.0.0.0.f.5.ip6.arpa. |
Once you have configured your system for IPv6, you may want to make changes to your configuration or monitor the network. TCP/IP Services for OpenVMS supplies commands to do both.
Extensions to existing management commands and a new IPv6 command allow you to perform typical management functions. Section 4.1 describes these commands.
Section 4.2 describes typical IPv6 management tasks, with examples.
Section 4.3 describes UNIX-style management tools to monitor the network.
Section 4.4 describes log files that you can use to monitor network
performance.
4.1 IPv6 Extensions to Management Commands
The HP TCP/IP Services for OpenVMS Management Command Reference manual describes the basic management commands, including the UNIX commands, you can use to manage the TCP/IP Services software. The HP TCP/IP Services for OpenVMS Tuning and Troubleshooting manual contains more detailed information about the UNIX management commands. The following sections describe only IPv6 extensions to those management commands.
To use UNIX management commands at the DCL prompt, execute the following command procedure (or put it into your LOGIN.COM so that it executes each time you log in):
$ @SYS$MANAGER:TCPIP$DEFINE_COMMANDS |
UNIX flags and OpenVMS interface names are case sensitive. When entering UNIX management commands at the DCL prompt, you must enclose uppercase UNIX flags and OpenVMS interface names in quotation marks to preserve the case of the input. |
For the AF_INET6 address family, use the following syntax:
ifconfig interface_id address_family [[ip6prefix] address[/bitmask] [dest_address]] [parameters] |
For the AF_INET6 address family, the address argument is either a host name or the 128-bit IPv6 address, in the following format:
x:x:x:x:x:x:x:x |
In this format, each x is the hexadecimal value of a 16-bit piece of the address.
The ip6prefix argument specifies that the interface identifier is to be appended to the address argument when configuring an address on the interface. The interface identifier uniquely identifies an interface on a subnet and is typically the interface's Link layer address. The following are the parameters for the ifconfig command.
Parameters [AF_INET6 only]:
$ ifconfig "WEO" ipv6 |
$ ifconfig "WE0" ip6interfaceid ::abcd:1234 ipv6 |
Refer to the HP TCP/IP Services for OpenVMS Tuning and Troubleshooting manual for more information on the
ifconfig
command.
4.1.2 iptunnel Command
The iptunnel command creates configured tunnels for sending and receiving IPv6 or IPv4 packets that are encapsulated as the payload of an IPv4 datagram.
The iptunnel command can perform the following operations:
iptunnel create [-I int-name] [v4-dest] [v4-src] |
$ ifconfig tunnel name down delete abort |
$ iptunnel delete tunnel |
$ iptunnel show tunnel |
For related information, see RFC 2003.
4.2 Typical Management Tasks
After restarting the network with IPv6 enabled, you might want to do the following:
The following sections describe these tasks.
4.2.1 Connecting to the 6bone Network
The 6bone network provides a test environment for IPv6 networks. To connect to the 6bone, choose a 6bone point that is reasonably close to your normal IPv4 paths into the Internet. The 6bone web site at http://www.6bone.net contains information on how to join the 6bone and how to find an attachment point. If you want to connect to the 6bone through the HP Palo Alto site either before or after you configure IPv6 on your host or router, complete the following steps:
gw-6bone@pa.dec.com |
altavista.ipv6.digital.com ftp.ipv6.digital.com www.ipv6.hp.com |
http://www.6bone.net |
In some cases, you might want to either add a new interface card to your system or change an interface card from one type to another. After the new card is installed, you must initialize it for IPv6 operation. To initialize an interface, use the ifconfig command with the following syntax:
$ ifconfig device ipv6 up |
OpenVMS interface names must be in uppercase. When you enter them with UNIX management commands at the DCL prompt, you must enclose the name of the interface in double quotation marks. |
For LAN interfaces, the ifconfig command creates the link-local address (FE80::) and starts detection of duplicate addresses.
For example, to initialize Ethernet interface WE0 for use with IPv6, enter the following:
$ ifconfig "WE0" ipv6 up |
To initialize the loopback interface for use with IPv6, enter the following:
$ ifconfig "LO0" ipv6 up |
To initialize the automatic tunnel interface, enter the following:
$ ifconfig "TN0" ipv6 up |
This command designates one of the system's IPv4 addresses for use as the tunnel endpoint.
If you want the designated IPv4 address to be the permanent tunnel
endpoint, you must use TCPIP$IP6_SETUP.
4.2.2.1 Setting the IPv6 Interface Identifier
You can set the IPv6 interface ID at the same time you initialize an interface by using the ifconfig command with the ip6interfaceid parameter. For example, to initialize Ethernet interface WE0 for use with IPv6 and to set its interface ID to the 64-bit value 0x0123456789abcdef , enter the following:
$ ifconfig "WE0" ip6interfaceid ::0123:4567:89ab:cdef ipv6 up |
Although the interface ID is expressed in standard IPv6 address format, only the low-order 64 bits are used.
Previous | Next | Contents | Index |