We’ve received a couple questions about zone transfer (AXFR) support for our Primary DNS service. Currently we do not have AXFR enabled on the DNS servers that answer requests for Primary DNS zones.
The AXFR limitation is not intentional; unfortunately it’s supported by the DNS server. Primary DNS is served using PowerDNS authoritative server version 2.9.22. It does not support per-zone AXFR ACLs like BIND9 does.
The only option we have would be to allow AXFR to anyone, but for security reasons we don’t want to do that. We can’t globally allow our Secondary DNS to AXFR because that creates a backdoor where anyone with an account could use it as an intermediate AXFR host. (Security aside, most of our customers don’t want AXFR open to the world or IP addresses they don’t control.)
PowerDNS authoritative 3.0 is currently in RC2 stage. This version does have per-zone AXFR capability and we will support it in the control center as soon as possible. It also has other features we’d like to add like DNSSEC and long TXT records.
We’re working on changes to the control center required to support these features but ultimately it requires the servers themselves to be upgraded to either the release candidate or the 3.0 release to support them.
The external status page at www.rollernetstatus.com is currently offline pending a move to a new home. We apologize for any inconvenience. In the meantime, status updates will be posted here directly.
UPDATE: the offsite status page is back. It now has AAAA records as well.
UPDATE2: Oops, the firewall on the host was blocking port 80. It’s been fixed.
World IPv6 day is on June 8, 2011. On this date for 24 hours, many major IPv4-only sites will be temporarily offering their content over IPv6. Some of them have already adopted IPv6, but are not publishing AAAA records for their primary well-known domain. For example:
However, on world IPv6 day the well-known names will have IPv6 and IPv4 (commonly referred to as dual-stacking) for 24 hours. The goal of this test is to motivate internet service providers, hardware makers, operating system vendors and web companies to prepare their services for IPv6. This is critical to ensure a successful transition from IPv4.
Roller Network already provides dual-stack IPv6 services for our websites and all major services. Every day is IPv6 day for us, and our customers can rest assured that our service is standard production quality and not a “beta” or “test”. We’ve carefully selected upstream providers that can provide dual-stack IPv6, so we’re proud to say that Roller Network has a fully dual-stack native network – from border to core and core to edge. All of our customers from free Secondary DNS to colocation, hosting and wireless internet have IPv6 capabilities. For more information see the ISOC World IPv6 Day page.
Here’s a handful of test sites (in no particular order) you can use to test your IPv6 readiness:
We’ve made a few minor changes to our Primary DNS management in the account control center that we hope will enhance our customer’s experience.
- All record types (except SOA) may now be deleted. Previously, two NS records and one A record were mandatory. It is now possible to delete these if desired. This also means it’s possible to create an empty zone: errors will be displayed if important records are missing.
- All NS records may now be edited. Previously, there were two NS records (ns1-auth.rollernet.us and ns2-auth.rollernet.us) that were static. These may now be edited to suit the individual zone’s requirements.
- We’ve separated the edit and delete buttons in the record table display to reduce the chance of accidentally deleting a zone record. The new “Edit” button is now on the far left side of the record row while the “Delete” button is now on the far right.
- A TXT record may now be up to 1024 characters in length (increased from 255).
Please note: Although long TXT records may be added to a zone they are not currently supported by the PowerDNS back end. An upgrade to PowerDNS will be made at a later date. An upgrade to PowerDNS 3.0 enabled long TXT support in August 2011.