Setup DNS Dual Stack Server on CentOS 7

Share on Social Media

In this article, you will learn, how to setup DNS Dual Stack Server on CentOS 7 or other Redhat based Linux OS. #centlinux #linux #dnsserver

What is DNS Dual Stack Server?

A Dual Stack is a network of computer systems that are capable of processing both IPv4 and IPv6 traffic simultaneously. A Dual Stack strategy is also used to migrate network from IPv4 to IPv6. Dual stacks are programmed to prefer IPv6 traffic over IPv4 traffic.

A DNS Dual Stack Server is a DNS server that supports both IPv4 and IPv6 addresses. This capability is essential for ensuring compatibility and connectivity in a network environment where both IPv4 and IPv6 are used. Here are the key aspects of a DNS Dual Stack Server:

IPv4 and IPv6 Support:

  • The server can handle DNS queries and responses for both IPv4 (A records) and IPv6 (AAAA records) addresses.

DNS Records:

  • A record: Maps a domain name to an IPv4 address.
  • AAAA record: Maps a domain name to an IPv6 address.
  • The DNS server must be able to manage and resolve both types of records.

Network Compatibility:

  • A Dual Stack DNS server ensures that clients using either IPv4 or IPv6 can resolve domain names and connect to the appropriate resources.

Transition and Coexistence:

  • As the internet transitions from IPv4 to IPv6, having a Dual Stack DNS server allows for a smoother coexistence and transition period, ensuring that all clients can access network services regardless of the IP version they use.

Configuration:

  • Dual Stack DNS servers require configuration to handle both IP address types. This involves setting up network interfaces, DNS software (such as BIND or PowerDNS), and ensuring proper DNS records are in place.

Benefits of a DNS Dual Stack Server

Future-Proofing:

  • As IPv6 adoption increases, having a Dual Stack DNS server ensures compatibility with future network architectures.

Enhanced Connectivity:

  • Ensures all users, regardless of whether they use IPv4 or IPv6, can access your services.

Improved Performance:

  • Some networks may experience better performance and routing efficiency with IPv6 due to its larger address space and improved design.

Compliance:

  • Meets the requirements of modern network standards and practices, ensuring compliance with industry expectations.

Example Use Case

Client Query:

  • A client with an IPv6 address queries the DNS server for example.com.

DNS Resolution:

  • The DNS server checks its records and finds an AAAA record for example.com, responding with the IPv6 address.

IPv4 Fallback:

  • If an IPv4 client queries the same domain, the DNS server responds with the A record containing the IPv4 address.

Seamless Operation:

  • The DNS server handles both queries seamlessly, providing appropriate responses based on the client’s IP version.

Conclusion

A DNS Dual Stack Server is crucial for modern network environments that use both IPv4 and IPv6. By supporting both protocols, it ensures comprehensive connectivity, future-proofs your network infrastructure, and provides a seamless experience for all users.

Recommended Online Training: Learn Bash Shell in Linux for Beginners

745772 0021

Environment Specification

In our previous article, we have configured an IPv4 based Authoritative DNS server on CentOS 7. However, some fans request that, we should also write an article on Dual Stack Authoritative DNS Server on CentOS 7.

Therefore, in this article, we are using the same server machines from our previous article, setup a Dual Stack network between them and then we will configure our BIND DNS server to serve RR (Resource Records) for both IPv4 and IPv6 stacks.

We are using the same CentOS 7 virtual machines that we have configured in our previous article i.e. Configure Authoritative DNS Server on CentOS 7.

Primary (Master) DNS Server:

  • CPU – 3.4 Ghz (1 Core)
  • Memory – 1 GB
  • Storage – 20 GB
  • Operating System – CentOS 7.6
  • Hostname – dns-01.example.com
  • IPv4 Address – 192.168.116.4 /24
  • IPv6 Address – fd15:4ba5:5a2b:1008::1 /64

Secondary (Slave) DNS Server:

  • CPU – 3.4 Ghz (1 Core)
  • Memory – 1 GB
  • Storage – 20 GB
  • Operating System – CentOS 7.6
  • Hostname – dns-02.example.com
  • IPv4 Address – 192.168.116.5 /24
  • IPv6 Address – fd15:4ba5:5a2b:1008::2/64

Note: The above machines are already configured on IPv4 based network.

Configure IPv6 network on CentOS 7

Connect with dns-01.example.com using ssh as root user.

Set an IPv6 address on this server.

# nmcli c m ens33 ipv6.method manual ipv6.addresses "fd15:4ba5:5a2b:1008::1/64" ipv6.gateway fd15:4ba5:5a2b:1008:153c:3b05:4535:d080 

Restart network interface to load changes.

# nmcli c down ens33 ; nmcli c up ens33
Connection 'ens33' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

Ping IPv6 address of network Gateway to verify connectivity.

# ping6 fd15:4ba5:5a2b:1008:153c:3b05:4535:d080
PING fd15:4ba5:5a2b:1008:153c:3b05:4535:d080(fd15:4ba5:5a2b:1008:153c:3b05:4535:d080) 56 data bytes
64 bytes from fd15:4ba5:5a2b:1008:153c:3b05:4535:d080: icmp_seq=3 ttl=64 time=0.757 ms
64 bytes from fd15:4ba5:5a2b:1008:153c:3b05:4535:d080: icmp_seq=4 ttl=64 time=0.886 ms
^C
--- fd15:4ba5:5a2b:1008:153c:3b05:4535:d080 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3040ms
rtt min/avg/max/mdev = 0.757/1.145/2.034/0.517 ms

Now connect with dns-02.example.com and set an IPv6 address.

# nmcli c m ens33 ipv6.method manual ipv6.addresses "fd15:4ba5:5a2b:1008::2/64" ipv6.gateway fd15:4ba5:5a2b:1008:153c:3b05:4535:d080 

Restarting network interface to reload the changes.

# nmcli c down ens33 ; nmcli c up ens33
Connection 'ens33' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

Ping dns-01.example.com by using IPv6 address to verify connectivity.

# ping6 fd15:4ba5:5a2b:1008::1
PING fd15:4ba5:5a2b:1008::1(fd15:4ba5:5a2b:1008::1) 56 data bytes
64 bytes from fd15:4ba5:5a2b:1008::1: icmp_seq=4 ttl=64 time=4.01 ms
64 bytes from fd15:4ba5:5a2b:1008::1: icmp_seq=5 ttl=64 time=4.13 ms
^C
--- fd15:4ba5:5a2b:1008::1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4040ms
rtt min/avg/max/mdev = 0.699/2.093/4.132/1.617 ms

We have configured IPv6 network between our nodes. It means that our nodes have now formed a DNS Dual Stack network.

Configure DNS Dual Stack Server on CentOS 7

Edit BIND configurations on both DNS servers to add IPv6 support.

# vi /etc/named.conf

Ensure that following directive exists, so the BIND can listen on IPv6 addresses.

listen-on-v6 port 53 { ::1; };

Add IPv6 network address in following directive to allow network client’s to query our DNS servers.

allow-query     { localhost;192.168.116.0/24;fd15:4ba5:5a2b:1008::/64;};

Restart BIND service.

# systemctl restart named

Repeat above steps on dns-02.example.com.

Connect with dns-01.example.com and edit /etc/named.conf.local file.

# vi /etc/named.conf.local

Add IPv6 addresses of dns-02.example.com in allow-transfer and also-notify directives, to enable zone transfers to secondary DNS server over IPv6 network .

zone "example.com" {
   type master;
   file "/var/named/example.com";
   allow-transfer {192.168.116.5;fd15:4ba5:5a2b:1008::2; };
   also-notify {192.168.116.5;fd15:4ba5:5a2b:1008::2; };
};

zone "116.168.192.in-addr.arpa" {
   type master;
   file "/var/named/116.168.192.in-addr.arpa";
   allow-transfer {192.168.116.5;fd15:4ba5:5a2b:1008::2; };
   also-notify {192.168.116.5;fd15:4ba5:5a2b:1008::2; };
};

Edit example.com zone file.

# vi /var/named/example.com

Add AAAA records of our servers therein.

$TTL 1h
@       IN      SOA     example.com.    root.example.com. (
        2019080901      ; Serial YYYYMMDDnn
        24h             ; Refresh
        2h              ; Retry
        28d             ; Expire
        2d )            ; Minimum TTL

;Name Servers
@       IN      NS              dns-01
@       IN      NS              dns-02

;Mail Servers
@       IN      MX      0       mail-01

;Other Servers
dns-01  IN      A               192.168.116.4
dns-02  IN      A               192.168.116.5
mail-01 IN      A               192.168.116.6
web-01  IN      A               192.168.116.3

;Canonical Names
www     IN      CNAME           web-01
mail    IN      CNAME           mail-01

;AAAA Records
dns-01  IN      AAAA            fd15:4ba5:5a2b:1008::1
dns-02  IN      AAAA            fd15:4ba5:5a2b:1008::2

Test resolution of hostname to IPv6 address by using ping6 command.

# ping6 dns-01.example.com
PING dns-01.example.com(dns-01.example.com (fd15:4ba5:5a2b:1008::1)) 56 data bytes
64 bytes from dns-01.example.com (fd15:4ba5:5a2b:1008::1): icmp_seq=2 ttl=64 time=0.185 ms
64 bytes from dns-01.example.com (fd15:4ba5:5a2b:1008::1): icmp_seq=3 ttl=64 time=0.141 ms
^C
--- dns-01.example.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.055/0.127/0.185/0.053 ms
# ping6 dns-02.example.com
PING dns-02.example.com(fd15:4ba5:5a2b:1008::2 (fd15:4ba5:5a2b:1008::2)) 56 data bytes
64 bytes from fd15:4ba5:5a2b:1008::2 (fd15:4ba5:5a2b:1008::2): icmp_seq=2 ttl=64 time=0.768 ms
64 bytes from fd15:4ba5:5a2b:1008::2 (fd15:4ba5:5a2b:1008::2): icmp_seq=3 ttl=64 time=0.726 ms
^C
--- dns-02.example.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 0.403/0.632/0.768/0.164 ms

Add a reverse zone for IPv6 network.

# vi /etc/named.conf.local

and add our IPv6 reverse zone in it.

zone "8.0.0.1.b.2.a.5.5.a.b.4.5.1.d.f.ip6.arpa." {
   type master;
   file "/var/named/ipv6.reverse.db";
   allow-transfer {192.168.116.5;fd15:4ba5:5a2b:1008::2; };
   also-notify {192.168.116.5;fd15:4ba5:5a2b:1008::2; };
};

Create a zone file.

# vi /var/named/ipv6.reverse.db

and add IPv6 reverse zone settings therein.

$TTL 1h
@       IN      SOA     8.0.0.1.b.2.a.5.5.a.b.4.5.1.d.f.ip6.arpa.    root.example.com. (
        2019080901      ; Serial YYYYMMDDnn
        24h             ; Refresh
        2h              ; Retry
        28d             ; Expire
        2d )            ; Minimum TTL

;Name Servers
@       IN      NS              dns-01
@       IN      NS              dns-02

;Other Servers
dns-01  IN      A       192.168.116.4
dns-02  IN      A       192.168.116.5
dns-01  IN      AAAA    fd15:4ba5:5a2b:1008::1
dns-02  IN      AAAA    fd15:4ba5:5a2b:1008::2

;PTR Records
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0               IN      PTR             dns-01
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0               IN      PTR             dns-02

We have breakdown the reverse IPv6 addresses into two 64 bit addresses. The left 64-bits represents the Computer IPv6 address while right 64-bits represents our Computer Network. If you have confusion in reversing an IPv6 address then you can use generator at Reverse DNS Record Generator website.

Test IPv6 reverse dns by using ping6 command.

# ping6 dns-01
PING dns-01(dns-01.8.0.0.1.b.2.a.5.5.a.b.4.5.1.d.f.ip6.arpa (fd15:4ba5:5a2b:100::1)) 56 data bytes
64 bytes from dns-01.8.0.0.1.b.2.a.5.5.a.b.4.5.1.d.f.ip6.arpa (fd15:4ba5:5a2b:108::1): icmp_seq=1 ttl=64 time=0.117 ms
64 bytes from dns-01.8.0.0.1.b.2.a.5.5.a.b.4.5.1.d.f.ip6.arpa (fd15:4ba5:5a2b:108::1): icmp_seq=2 ttl=64 time=0.151 ms
64 bytes from dns-01.8.0.0.1.b.2.a.5.5.a.b.4.5.1.d.f.ip6.arpa (fd15:4ba5:5a2b:108::1): icmp_seq=3 ttl=64 time=0.194 ms

We have successfully configure DNS Dual Stack Server on CentOS 7.

Reading Advice: IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 (PAID LINK) by Cisco Press

Final Thoughts

Thank you for following this guide on how to set up a DNS Dual Stack Server on CentOS 7. If you need further assistance or prefer a professional to handle the setup, I offer expert services on Fiverr. Visit my Fiverr profile to hire me for a reliable and efficient DNS Dual Stack server configuration. Let me help you ensure seamless connectivity and future-proof your network infrastructure!

4 thoughts on “Setup DNS Dual Stack Server on CentOS 7”

Leave a Comment