Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 Basics & Questions & General Chatter => Topic started by: kasperd on December 13, 2012, 01:26:25 AM

Title: Translation for IPv6 only authoritative DNS servers
Post by: kasperd on December 13, 2012, 01:26:25 AM
If I am in a situation where I'd like to host authoritative DNS servers for some domain, but I only have public IPv6 addresses to host them on, is there any existing service, which can do translation to make the domain accessible to IPv4 only recursive resolvers?

The translation I have in mind could be completely stateless with the translator embedding the IPv4 address of the recursive resolver into an IPv6 address before passing the request unmodified to an IPv6 only authoritative DNS server.

Does such a service exist already?
Title: Re: Translation for IPv6 only authoritative DNS servers
Post by: kasperd on December 15, 2012, 01:36:01 AM
I take the lack of response to mean there isn't any well known service to do such a thing. I wanted to give it a try myself, but I ran into one problem so far, which I can't yet explain.

With one particular recursive resolver I always get SERVFAIL back from the recursive resolver. I don't see anything wrong with the response I send to the recursive resolver.

I have attached a dump of the communication between the recursive resolver and my translator. Does anybody else see the problem with my response?
Title: Re: Translation for IPv6 only authoritative DNS servers
Post by: kasperd on December 15, 2012, 03:36:28 AM
Quote from: kasperd on December 15, 2012, 01:36:01 AMI wanted to give it a try myself, but I ran into one problem so far, which I can't yet explain.
Found the problem. Reply had flags 0x8000, it should be 0x8400 to indicate that the server is authoritative. Apparently most recursive resolvers are completely happy with the authoritative server giving a non-authoritative reply, but this particular one would not accept that.
Title: Re: Translation for IPv6 only authoritative DNS servers
Post by: ddarvish on December 18, 2012, 05:05:03 PM
hey man. i am a total super duper noob and would love to setup something identical to this.. i am hosting a webstie on a computer and obiously only have 1 public ipv4 address but many ip6 addresses with my tunnelbroker account. i am using windows server 2012 for ADDS (active directory domain services) so it acts as my webserver and my dns server. any advice you got would be great... btw i wonder if there are any services similar to HE's tunnel broker but instead for ipv4 addresses.. that would be a nice way of getting additional public ipv4 addresses.