[MaraDNS list] How to get MaraDNS and Deadwood to talk to each other?

Joshua Kinard kumba at gentoo.org
Tue Mar 6 18:21:54 EST 2012


On 03/06/2012 11:36, Sam Trenholme wrote:

> There's a pretty good chance that, once IPv6 is prominent enough that
> my home internet connection gives me an IPv6 IP, I will make sure
> MaraDNS and Deadwood are fully functional on an IPv6 network.  Yes,
> this means I will probably have to add a bunch of ugly code for
> glueless NS referrals to first look for an A record, then look for an
> AAAA record if the A record is reported as not existing.


My ISP is Comcast, and despite the poor quality of their customer service,
they are the only residential-grade ISP working really hard towards full
IPv6 deployment.  They've even stated that they may not default to full /64
handouts for all customers, but might even go down to /112 or /128, based on
customer need.  But, that's still a ways off.

For now, I set up a small IPv6 network internally, using ULA addresses
(because I want an easy-to-remember prefix and am not planning on being
acquired by a large enterprise anytime soon).  This allows for basic testing
and understanding of what IPv6 is and how to work with it.  I even have an
IPv6 firewall ruleset ready once I get an external IPv6 address.  If you
find the time, perhaps this is something worth trying out to add more IPv6
functionality to MaraDNS.

One of my primary motivations for trying to move off of PowerDNS is that its
default backend is a database (specifically, MySQL), which seems silly for a
DNS server.  I instead used LDAP as a backend (okay, I managed a NetWare
network once and loved storing DNS inside of eDirectory).  But the PowerDNS
LDAP backend is unmaintained as of v3.0 and already has bugs in properly
resolving IPv6 PTR records when using a simple LDAP tree layout.  This
brought me to look at MaraDNS because of the use of text files for storage,
but I might also give BIND another shot, too.

That all said, and possibly due to some of my inexperience in advanced C
projects and not a deep understanding of DNS, wouldn't looking through the
results of a DNS response for any A records before AAAA be just a basic,
repeated string search?  I would imagine that shouldn't be *too* ugly a
piece of code.  What about looking for AAAA before A?  I have noticed that a
lot of dual-stack network implementations do this by querying first for
AAAA, then trying again for A when they get NXDOMAIN or another such error.


Cheers,

-- 
Joshua Kinard
Gentoo/MIPS
kumba at gentoo.org
4096R/D25D95E3 2011-03-28

"The past tempts us, the present confuses us, the future frightens us.  And
our lives slip away, moment by moment, lost in that vast, terrible in-between."

--Emperor Turhan, Centauri Republic
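
The A-before-AAAA selection asked about above, as an added example that is not part of the original message and is not MaraDNS or Deadwood code: a DNS response is binary wire format with compressed names, so the search is a bounds-checked walk over resource records. `skip_name`, `pick_address` and the sample packet are constructed for illustration, and the sketch assumes both record types can appear in one answer section.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed sample: reply for "ns.example" holding an AAAA RR, then an A RR. */
static const uint8_t SAMPLE[] = {
    0x12,0x34, 0x81,0x80, 0,1, 0,2, 0,0, 0,0,                /* header: QD=1 AN=2 */
    2,'n','s', 7,'e','x','a','m','p','l','e', 0, 0,255, 0,1, /* question, type ANY */
    0xC0,0x0C, 0,28, 0,1, 0,0,0x0E,0x10, 0,16,               /* AAAA, name pointer */
    0xfd,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,                      /* fd00::1 (ULA) */
    0xC0,0x0C, 0,1, 0,1, 0,0,0x0E,0x10, 0,4, 192,0,2,1 };    /* A 192.0.2.1 */

/* Skip a possibly compressed name; return the offset after it, 0 if malformed. */
static size_t skip_name(const uint8_t *m, size_t len, size_t off) {
    while (off < len) {
        uint8_t c = m[off];
        if (c == 0) return off + 1;                    /* root label ends the name */
        if ((c & 0xC0) == 0xC0)                        /* 2-byte compression pointer */
            return off + 2 <= len ? off + 2 : 0;
        if (c & 0xC0) return 0;                        /* reserved label type */
        off += 1 + (size_t)c;                          /* ordinary label */
    }
    return 0;                                          /* ran off the end */
}

/* Prefer the first A record, fall back to the first AAAA record.
 * Returns 4 or 16 (bytes written to out), 0 if neither, -1 if malformed. */
int pick_address(const uint8_t *m, size_t len, uint8_t out[16]) {
    if (len < 12) return -1;
    unsigned qd = (m[4] << 8) | m[5], an = (m[6] << 8) | m[7];
    size_t off = 12, aaaa_off = 0;
    while (qd--) {                                     /* step over the questions */
        off = skip_name(m, len, off);
        if (!off || off + 4 > len) return -1;
        off += 4;                                      /* QTYPE + QCLASS */
    }
    while (an--) {                                     /* walk the answer RRs */
        off = skip_name(m, len, off);
        if (!off || off + 10 > len) return -1;
        unsigned type  = (m[off] << 8) | m[off + 1];
        unsigned rdlen = (m[off + 8] << 8) | m[off + 9];
        off += 10;                                     /* TYPE CLASS TTL RDLENGTH */
        if (off + rdlen > len) return -1;              /* RDATA must fit the packet */
        if (type == 1 && rdlen == 4) { memcpy(out, m + off, 4); return 4; }
        if (type == 28 && rdlen == 16 && !aaaa_off) aaaa_off = off;
        off += rdlen;
    }
    if (aaaa_off) { memcpy(out, m + aaaa_off, 16); return 16; }
    return 0;
}
```

Swapping the two type checks gives the AAAA-first order; the length checks are what keep a truncated or hostile reply from being read past its end.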


