[Jool-list] exempting local networks from dns64

JORDI PALET MARTINEZ jordi.palet at consulintel.es
Thu Jan 16 11:21:20 CST 2020 

Hi Brian,

I use this typically:

dns64 64:ff9b::/96 {
        clients { any; };
        mapped { any; };
        exclude { 0::/3; 4000::/2; 8000::/1; 2001:db8::/32; };
        break-dnssec no;
        };

This avoids the prefixes used for things that should not get AAAA synthetized. It can be improved, for example adding the transition mechanism prefixes (Teredo, 6to4, etc.). Then add your own exclusions.

You can just add ACLs as well.

Regards,
Jordi
@jordipalet
 
 

El 16/1/20 18:07, "Jool-list en nombre de Brian J. Murrell" <jool-list-bounces at nic.mx en nombre de brian at interlinx.bc.ca> escribió:

    https://www.jool.mx/en/dns64.html has an interesting description of
    setting up dns64 and it works for Internet host lookups.
    
    What it doesn't do though is account for addresses in the DNS server
    for local subnets.
    
    From a host configured to use dns64, a lookup for an AAAA record for a
    host on the local network ends up returning the dns64'd IPv4 address
    rather than available IPv6 addresses from the local network.
    
    Surely I am not the first person to come across this.  I wonder if
    there are any best-known-methods for handling this.  Perhaps the above
    web page can be updated to accommodate such a scenario.
    
    Cheers
    b.
    
    _______________________________________________
    Jool-list mailing list
    Jool-list at nic.mx
    https://mail-lists.nic.mx/listas/listinfo/jool-list
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

More information about the Jool-list mailing list