|
Not | |
---|---|
IPv4'ün aksine IPv6'nın güncel sürümleri adanmış bir IPv6 adresine bir sunucu soketi bağlamaya izin vermemektedir. Bu yüzden sadece any ya da none kullanılabilmektedir. Bu bir güvenlik konusu olabileceğinden, aşağıdaki Erişim Denetim Listeleri (ACL) bölümünü de okumanız uygun olabilir!
|
options { # sure other options here, too listen-on-v6 { any; }; };
# netstat -lnptu |grep "named\W*$" tcp 0 0 :::53 :::* LISTEN 1234/named # incoming TCP requests udp 0 0 1.2.3.4:53 0.0.0.0:* 1234/named # incoming UDP requests ¬ to IPv4 1.2.3.4 udp 0 0 127.0.0.1:53 0.0.0.0:* 1234/named # incoming UDP requests ¬ to IPv4 localhost udp 0 0 0.0.0.0:32868 0.0.0.0:* 1234/named # dynamic chosen port for ¬ outgoing queries udp 0 0 :::53 :::* 1234/named # incoming UDP request to ¬ any IPv6
# dig localhost @::1
options { # sure other options here, too listen-on-v6 { none; }; };
acl internal-net { 127.0.0.1; 1.2.3.0/24; 3ffe:ffff:100::/56; ::1/128; ::ffff:1.2.3.4/128; }; acl ns-internal-net { 1.2.3.4; 1.2.3.5; 3ffe:ffff:100::4/128; 3ffe:ffff:100::5/128; };
options { # sure other options here, too listen-on-v6 { none; }; allow-query { internal-net; }; allow-transfer { ns-internal-net; }; };
query-source-v6 address ipv6adres|* port port|*;
transfer-source-v6 ipv6adres|* [port port];
notify-source-v6 ipv6adres|* [port port];
$ host -t aaaa www.6bone.net 3ffe:ffff:200:f101::1 Using domain server: Name: 3ffe:ffff:200:f101::1 Address: 3ffe:ffff:200:f101::1#53 Aliases: Host www.6bone.net. not found: 5(REFUSED)
Jan 3 12:43:32 gate named[12347]: client ¬ 3ffe:ffff:200:f101:212:34ff:fe12:3456#32770: query denied
$ host -t aaaa www.6bone.net 3ffe:ffff:200:f101::1 Using domain server: Name: 3ffe:ffff:200:f101::1 Address: 3ffe:ffff:200:f101::1#53 Aliases: www.6bone.net. is an alias for 6bone.net. 6bone.net. has AAAA address 3ffe:b00:c18:1::10
|