[dns-operations] Setting up IPv6 reverse mapping zones

Jeroen Massar jeroen at unfix.org
Fri Jul 20 10:25:45 UTC 2012


On 2012-07-19 20:28, McGhee, Karen (Evolver) wrote:
> Is it possible to set up a single IPv6 reverse mapping zone for
> 2610:20:5000:: /45?  Or must I set up multiple zones:
> db.2610:20:5000
> db.2610:20:5001
> db.2610:20:5002
> db.2610:20:5003
>
> and so on.

IPv6 reverses go per nibble, thus 4 bits, as such a non-4-bit boundary
thus indeed requires you to do separate chunks for each /44:

2610:20:5000::/44 0.0.0.5.0.2.0.0.0.1.6.2.ip6.arpa
2610:20:5001::/44 1.0.0.5.0.2.0.0.0.1.6.2.ip6.arpa
2610:20:5002::/44 2.0.0.5.0.2.0.0.0.1.6.2.ip6.arpa
2610:20:5003::/44 3.0.0.5.0.2.0.0.0.1.6.2.ip6.arpa
2610:20:5004::/44 4.0.0.5.0.2.0.0.0.1.6.2.ip6.arpa
2610:20:5005::/44 5.0.0.5.0.2.0.0.0.1.6.2.ip6.arpa
2610:20:5006::/44 6.0.0.5.0.2.0.0.0.1.6.2.ip6.arpa
2610:20:5007::/44 7.0.0.5.0.2.0.0.0.1.6.2.ip6.arpa

Which makes up a /45. Your parent also needs to delegate them as such.

You could btw "cheat" a little bit if your server is only going to be
authoritative (and not recursive which you should never mix anyway) for
that prefix and not for other chunks in there by just declaring it as a
/44. But that might mess up DNSSEC if you start deploying that which as
you are in .gov will likely happen sooner than later.

Greets,
 Jeroen




More information about the dns-operations mailing list