Sunday, November 29, 2015

Quad, eh?

DNS is your IPv6 friend

by Craig Miller

IPv6: The Memory Test

Needs DNS
Old hands at IPv4 pride themselves on knowing the addresses of their servers, routers, name servers, etc. However, with IPv6 and eight (8) groups of four (4) hexadecimal digits as an address, this becomes more taxing on the memory. Of course, an address like 2001:470:1d:583:fc48:b08e:c438:9e5d isn't impossible to remember; brighter minds than mine will be able to.

DNS to the rescue

As the internet grew in the early 80's it became apparent that having a service which would translate names to IP addresses would be extremely helpful. Humans, after all, are used to remembering names. In 1983, the first DNS (Domain Name Service, RFC 1034) was created, and BIND (Berkeley Internet Name Daemon) remains the standard for DNS today.

Internet Humour

DNS information is kept in a structured file, with name to address mapping in 'A' records. An example would look like this:
obake IN A 10.1.1.3
; IN HINFO "Intel Core I7 VM Host"

With the introduction of IPv6 for DNS (RFC 3596) a new type of line or record was added to the DNS structured file, an AAAA record, or Quad A record. 

Since an A record represents an IPv4 address (a 32-bit address) and an IPv6 address is a 128-bit address, which is 4 times longer, it is an inside joke to make the DNS record 4 times longer, or an AAAA record.

Quad AAAA records

An example of a single A and Quad A record is:
obake IN A 10.1.1.3
obake IN AAAA 2001:470:1d:583:224:1dff:fed3:a117
; IN HINFO "Intel Core I7 VM Host"

As you can see it is much easier to type ping6 obake, rather than ping6 2001:470:1d:583:224:1dff:fed3:a117. And a lot easier to remember as well.

DNS as a transition tool

A really nice feature of DNS is that it will accept queries on both IPv4 and IPv6, returning either A or AAAA records. This means that if your host only makes DNS queries over IPv4, it can resolve IPv6 addresses (or if you prefer, query AAAA records).

Running a DNS service with A and AAAA records means any host, legacy or not, can resolve IPv6 addresses on your network. There is no cost beyond adding the AAAA records to your DNS. And suddenly, troubleshooting your network will get much easier.

A key difference from IPv4

DNS will typically not have reverse entries for IPv6. As I have mentioned in earlier posts, with SLAAC, and temporary (or private) addresses which change every 24 hours, your reverse entries in your DNS would have to be updated every day!

IPv6 is supposed to make your life easier, but updating reverse entries daily is not easier. So most network operators will have a few statically defined IPv6 reverse entries (usually for servers) and that is it.
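An added example, not from the original post: a short Python script that reads a zone fragment like the ones above, lists hosts that have an A record but no AAAA record, and prints the ip6.arpa PTR line for each static AAAA record. The host `router` and the origin `example.lan.` are assumptions made for illustration.

```python
import ipaddress

# Constructed zone fragment in the style of the post's example. The host
# "router" and the origin "example.lan." are assumptions for illustration.
ZONE = """\
obake   IN A    10.1.1.3
obake   IN AAAA 2001:470:1d:583:224:1dff:fed3:a117
;       IN HINFO "Intel Core I7 VM Host"
router  IN A    10.1.1.1
"""
ORIGIN = "example.lan."

def parse_records(zone_text):
    """Map host -> {"A": [...], "AAAA": [...]} from 'name IN type value' lines."""
    hosts = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop zone-file comments
        if len(fields) != 4 or fields[1].upper() != "IN":
            continue
        name, rtype, value = fields[0], fields[2].upper(), fields[3]
        if rtype not in ("A", "AAAA"):
            continue
        addr = ipaddress.ip_address(value)        # ValueError on a mistyped address
        if addr.version != (4 if rtype == "A" else 6):
            raise ValueError(f"{name}: {value} does not fit a {rtype} record")
        hosts.setdefault(name, {"A": [], "AAAA": []})[rtype].append(addr)
    return hosts

def missing_aaaa(hosts):
    """Hosts with an A record but no AAAA record."""
    return sorted(h for h, r in hosts.items() if r["A"] and not r["AAAA"])

def ptr_records(hosts, origin):
    """One ip6.arpa PTR line per static AAAA record (32 reversed nibbles each)."""
    return [f"{addr.reverse_pointer}. IN PTR {host}.{origin}"
            for host in sorted(hosts) for addr in hosts[host]["AAAA"]]

if __name__ == "__main__":
    hosts = parse_records(ZONE)
    print("A but no AAAA:", missing_aaaa(hosts))
    for line in ptr_records(hosts, ORIGIN):
        print(line)
```

Each PTR owner name is the full 128-bit address written as 32 reversed hex nibbles, which is why reverse entries are normally kept only for a handful of static server addresses.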

IPAM

Another solution to address management, DNS, and reverse entries is the use of IPAM (IP Address Management) software. Of course you could keep track of your address management in an Excel spreadsheet, and many do. But when adding IPv6, you will find that IPAM software frees you from typos, versioning, and locked shared file problems. BlueCat and BT Diamond are a couple of the many IPAM vendors out there today.

Hammer Time

Remember, DNS is a tool to make your life easier. Sure you can use a rock to pound a nail, but a hammer is so much nicer. DNS will make ping6 hammer time.

* Quad, Eh? is not an internet joke, but a Canadian one
