Hi, I want to thank you all for your comments they are very helpful to me. And yes, I don't have much hands on experience but as non native English speaker I tend to write someone confusing mails so don't take every my sentence "as-is". ;) Tnx once again to all. On Sat, Jan 26, 2013 at 6:59 PM, TJ <trejrco@gmail.com> wrote:
In principle, I agree with the EDGE-in approach.
However, if you need to do LAN before EDGE (e.g. DISA can't get you connectivity but you need to make some progress) you need to block AAAA queries from getting replies. BIND has a "filter AAAA on IPv4" option that helps here ... (just don't give the hosts the v6 addresses of the internal DNS servers).
HTH, /TJ
On Jan 26, 2013 12:49 PM, "William Herrin" <bill@herrin.us> wrote:
On Sat, Jan 26, 2013 at 4:26 AM, Pavel Dimow <paveldimow@gmail.com> wrote:
I can start to create AAAA record and PTR recors in DNS and after that I should configure my dhcp servers and after all has been done I can test ipv6 in LAN and after that I can start configure bgp with ISP. Is this correct procedure?
Nope.
In their infinite(simal) wisdom the architects of IPv6 determined that a host configured with both a global scope IPv6 address and an IPv4 address will attempt IPv6 in preference to IPv4. If you configure IPv6 on a LAN without first installing your IPv6 Internet connection, that LAN will break horribly.
Work your way from the outside in: start with BGP, then the interior routers and configure the LAN last.
Regards, Bill Herrin
-- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004