Ecdysis provides DNS64 patch for unbound. download the patch as below URL.
http://ecdysis.viagenie.ca/download.html
I downloaded ecdysis-unbound-1.4.7.20101117.patch.gz.
This patch is for unbound 1.4.7. If you don’t have unbound 1.4.7 , plz download that ver.
unzip patch file.
apply patch
- compile unbound.
- edit unbound.conf to enable DNS64
Please note that “module-config” directive must start with “dns64”
add dns64-prefix in “server clause”
The prefix must be a /96 or shorter.
- fly unbound
- check unbound loads dns64 module
If AAAA records exist , unbound doesn’t change a response.
http://ecdysis.viagenie.ca/download.html
I downloaded ecdysis-unbound-1.4.7.20101117.patch.gz.
This patch is for unbound 1.4.7. If you don’t have unbound 1.4.7 , plz download that ver.
unzip patch file.
| # gunzip ecdysis-unbound-1.4.7.20101117.patch.gz |
apply patch
| # tar xzvf unbound-1.4.7.tar.gz # cd unbound-1.4.7 # patch -p1 < ../ecdysis-unbound-1.4.7.20101117.pa tch patching file .gitignore patching file Makefile.in patching file dns64/dns64.c patching file dns64/dns64.h patching file doc/README.DNS64 patching file doc/example.conf.in patching file services/modstack.c patching file util/config_file.h patching file util/configlexer.c patching file util/configlexer.lex patching file util/configparser.c patching file util/configparser.h patching file util/configparser.y patching file util/data/msgreply.c patching file util/data/msgreply.h patching file util/fptr_wlist.c |
- compile unbound.
| # ./configure --disable-gost # make # make install |
- edit unbound.conf to enable DNS64
Please note that “module-config” directive must start with “dns64”
| module-config: "dns64 validator iterator" |
add dns64-prefix in “server clause”
| server: dns64-prefix: 64:FF9B::/96 |
The prefix must be a /96 or shorter.
- fly unbound
| # unbound-control start |
- check unbound loads dns64 module
| # unbound-control status version: 1.4.7 verbosity: 1 threads: 1 modules: 3 [ dns64 validator iterator ] |
| # dig @::1 www.facebook.com aaaa ; <<>> DiG 9.8.0-P2 <<>> @::1 www.facebook.com aaaa ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19672 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.facebook.com. IN AAAA ;; ANSWER SECTION: www.facebook.com. 14 IN AAAA 64:ff9b::45ab:e40d |
If AAAA records exist , unbound doesn’t change a response.
| # dig @127.1 www.isc.org aaaa ; <<>> DiG 9.8.0-P2 <<>> @127.1 www.isc.org aaaa ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44724 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 6 ;; QUESTION SECTION: ;www.isc.org. IN AAAA ;; ANSWER SECTION: www.isc.org. 600 IN AAAA 2001:4f8:0:2::d |
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.