The default for new DNS zones added via Virtualmin is to include the IP addresses of the slave name-servers in the "Allow transfers from.." list so slaves can transfer DNS records. This list only includes IPv4 addresses and doesn't include IPv6 addresses. As a result, AXFR's from slave IPv6 servers fail.
When I originally installed Virtualmin, I didn't have any interfaces configured with IPv6 addresses other than the link local addresses. I've since enabled IPv6, and noticed the "allow transfers from" dialog only contains IPv4 addresses for newly created zones. Expected behavior is that since IPv6 is enabled, future zones should have the IPv4 addresses and IPv6 addresses for each DNS server that was entered in the initial Virtualmin setup wizard.
Comments
Submitted by JamieCameron on Fri, 10/11/2013 - 23:51 Comment #1
So do you have DNS slave servers with only IPv6 addresses? I'd expect that to be a rare case, as end to end v6 connectivity is still rare on the Internet.
Submitted by imcdona on Sat, 10/12/2013 - 17:26 Comment #2
The slave servers are dual-stack. However, since my virtualmin box is also dual-stack, the slaves attempt to connect via IPv6 by default as there's both A and AAAA records for the master dns server (virtualmin in this case).
Submitted by JamieCameron on Sat, 10/12/2013 - 19:27 Comment #3
Ok, that makes sense - I will have Virtualmin add the IPv6 addresses of slave systems (if any) to the allow-transfer block in the next release.
Submitted by Issues on Sat, 10/26/2013 - 19:31 Comment #4
Automatically closed -- issue fixed for 2 weeks with no activity.