Configuring rndc to Work Over IPv6

.5.1 Problem

You want to use rndc over IPv6.

.5.2 Solution

On a BIND 9.2.0 or later name server, add an inet controls statement to named.conf, telling the name server to listen on the hosts IPv6 interface for control messages. For example:

controls {
 inet 123:4567:89ab:cdef:123:4567:89ab:cdef allow { any; } keys { "rndc-key"; };
};

Then specify the hosts IPv6 address as the argument to rndcs -s option, as in:

# rndc -s 123:4567:89ab:cdef:123:4567:89ab:cdef status

If you would like to make that address the default for rndc to connect to, add a default-server options substatement to rndc.conf, like this:

options {
 default-server 123:4567:89ab:cdef:123:4567:89ab:cdef;
 default-key "rndc-key";
};

.5.3 Discussion

If you don want to rely entirely on IPv6 for the name servers control channel, you can use multiple inet controls substatements. For example:

controls {
 inet * allow { localhost; } keys { "rndc-key"; };
 inet 123:4567:89ab:cdef:123:4567:89ab:cdef allow { any; } keys { "rndc-key"; };
};

As with listen-on-v6, introduced in Section 11.2, you can use the predefined localhost or localnets ACLs with an IPv6 interface in the controls statement.

.5.4 See Also

Section 11.2.


Getting Started

Zone Data

BIND Name Server Configuration

Electronic Mail

BIND Name Server Operations

Delegation and Registration

Security

Interoperability and Upgrading

Resolvers and Programming

Logging and Troubleshooting

IPv6



DNS & BIND Cookbook
DNS & BIND Cookbook
ISBN: 0596004109
EAN: 2147483647
Year: 2005
Pages: 220
Authors: Cricket Liu

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net