#acl All:read <> = IPv6 configuration guide for BIND9 = == How can enable BIND9 to listen on IPv6? == BIND9 by default does not listen on IPv6 address. You should enable it in your configuration file: {{{ options { listen-on-v6 [ port ip_port ]{ any; }; }; }}} If a port is not specified, port 53 will be used. == How can I disable BIND9 to liston on IPv6 address? == To disable IPv6 for listening, following options are requested to change: {{{ options { # sure other options here, too listen-on-v6 { none; }; }; }}} This not necessary except BIND9 versions earlier the 9.2.0. == How can I configure ACLs with IPv6 addresses? == IPv6 enabled ACLs are possible. An example looks like following: {{{ acl internal-net { 127.0.0.1; 10.10.10.0/24; 2001:0db8:100::/64; ::1/128; ::ffff:10.10.10.10/128; }; acl ns-internal-net { 10.10.10.1; 10.10.10.2; 2001:0db8:100::4/128; 2001:0db8:100::5/128; }; }}} This ACLs can be used e.g. for queries of clients and transfer zones to secondary name-servers. This prevents also your caching name-server to be used from outside using IPv6. On some systems, it is neccessary to use IPv4 mapped addresses IPv6 addressess for dealing with IPv4 addresses. {{{ options { # sure other options here, too listen-on-v6 { none; }; allow-query { internal-net; }; allow-transfer { ns-internal-net; }; }; }}} It's also possible to set the ''allow-query'' and ''allow-transfer'' option for most of single zone definitions, too. == How can I use a specific IPv6 address in queries? == {{{ query-source-v6 address port ; }}} == How can I use a specific IPv6 address for zone transfers? == Transfer source address is used for outgoing zone transfers: {{{ transfer-source-v6 [port port]; }}} == How can I use a specific IPv6 address for notification? == Notify source address is used for outgoing notify messages: {{{ notify-source-v6 [port port]; }}}