DNS is used in the IPv4 world to do name-to-address mappings and vice versa. This is not changing in the IPv6 world. The need for DNS is actually much greater because of the length of IPv6 addresses. Mixed IPv4/IPv6 environments need multiple host entries in DNS. A host communicating with both versions of TCP/IP needs at least two entries in DNSone with its IPv4 address and the other with its IPv6 address. A new DNS record type has been defined for IPv6 hosts. RFC 3596 defines the AAAA type record (called "quad-A"). RFC 2874 defines the A6 type record, which was designed to make renumbering of networks and prefix changes easier to administer. A6 has been moved to experimental status and is not used. The other DNS record types (NS and PTR records) remain unchanged, adjusting only to the IPv6 address format.

AAAA Records (RFC 3596)

RFC 3596 describes DNS extensions for IPv6 implementations based on AAAA records.This record type can store a 128-bit IPv6 address, and the DNS value for this type of record is 28 (decimal notation). A host that has more than one IPv6 address has an AAAA record for each address. The corresponding reverse lookup domain is IP6.ARPA. The reverse lookup records are PTR records of type 12.

An AAAA type record can look like this:

moon.universe.com   IN   AAAA   4321:0:1:2:3:4:567:89ab  

For reverse lookups, each subdomain level under IP6.ARPA represents 4 bits of the 128-bit address. The least significant bit appears at the far left of the domain name. Omitting leading zeros is not allowed in this case, so the PTR record for the previous example looks like this:

b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.0.0.0.0.1.2.3.4.IP6.ARPA.IN  PTR   moon.universe.com  

DNS Servers

BIND implements IPv6 DNS in versions of BIND 8.4 and higher and in BIND Version 9. For BIND 8.2.3, a patch that adds some IPv6 support is available.

DNS implementations based on these versions of BIND support IPv6. A good reference site for BIND is the Internet Systems Consortium homepage at http://www.isc.org/products/BIND. The same site has a list of vendor implementations based on BIND. There are also links to versions of BIND that run on different versions of the Microsoft operating system.

The most important file for configuring a name server on Unix is /etc/named.conf. The file itself contains detailed information on how to configure it. To make name resolution work over IPv6, you need to add one important entry: listen on ipv6 { any }. This entry tells the name server to listen for IPv6 queries. Then update /var/named with the entries for all IPv6 hosts.

DNS Resolvers

Resolvers are the client part in DNS communication. The resolver sends out DNS requests for IP addresses to DNS servers. It can be part of an operating system or an application. DNS servers also have a resolver implemented to send out DNS requests to other DNS servers.

Resolvers in an IPv4/IPv6 network must be able to handle all record types: the A record type for IPv4 and the AAAA record type for IPv6. In the future, resolvers also need a mechanism for choosing the protocol on a dual-stack host. When the DNS server replies with a set of different addresses, resolvers need to implement a feature for a default choice of address, and this should be configurable. If the DNS reply contains an IPv4 and an IPv6 address, the resolver can either forward both addresses to the requesting application and let the application make the choice or make a choice on behalf of the application. If the resolver forwards the IPv4 address, the application will communicate over IPv4; if it forwards the IPv6 address, the application will communicate over IPv6. Applications written for dual-stack hosts should be able to determine whether they communicate with IPv6 or IPv4 peers.

When people talk about IPv6 support in DNS, they are usually referring to two different aspects that are sometimes not pointed out clearly. One aspect is whether your DNS server supports IPv6 address records (AAAA). A DNS server supporting AAAA records does not necessarily have to be queried over IPv6. It can reply to such requests using IPv4. The other aspect is whether the resolver and the DNS server can use IPv6 as a transport for DNS queries and replies. For instance, if you have Windows XP with the IPv6 stack running, it does lookups for IPv6 records but uses IPv4 as the transport for the query. The support for resolving DNS names over IPv6 in the case of Windows XP is planned for the next major release. The DNS service in the Windows 2003 server family supports IPv6 transport.

DNS Lookup

For the DNS lookupof IPv6 records, your client needs a resolver that supports the new record type. In my case, I used SuSE Linux host Ford with BIND 9 utilities and my Windows XP host Marvin with the IPv6 stack.

I used nslookup to play with my new DNS server. You can also use dig and host for DNS lookups; they are installed with BIND 9. nslookup has many configuration options. It can be run in interactive mode, and you can specify the types of records you want to query. You can set the query mode to either A type records for IPv4 or AAAA type records for IPv6, or set it to "any," in which case nslookup will request all records. The nslookup version I used did not support the A6 type. The DNS server still sends the information back, which is why you see the "unrecognized record" type in the answer.

Issues with DNS Lookups

In practice, there are some issues with DNS lookups where DNS servers do not react as expected when queried for AAAA records. This can lead to unexpected behavior on the client: for instance, a web browser that cannot connect to a web server although connectivity is available because it queries DNS for an AAAA record and, if there is no entry, fails to fall back to IPv4 even though the web server would have an A record with an IPv4 address. There are different causes and cases and, accordingly, different troubleshooting scenarios. If you want to explore this issue further, refer to RFC 4074, "Common Misbehavior Against DNS Queries for IPv6 Addresses."