If you run Split DNS on the firewall itself you can add an A record in the DNS for the IPv4 and an AAAA record for the IPv6 IP addresses for each of the firewall's interfaces.
What exact version and patch level are you using? BIND on version 70103 does not support IPv6.
I'm not sure i've heard of Split DNS. can you elaborate?
our firewalls use version 8.3.2P07.
Also, we have another firewall that still uses 70103. does that mean we'll have to upgrade it to 8.3.2 when we want to enable IPv6?
Ohh, I could not grasp what you were actually asking about. You are trying to add a IPv6 address as a DNS server in your 'Transparent DNS' setup (right?). If you tried it and it didn't work I'm going to guess it does not support IPv6 addresses. Since there is no indication in the Help or Product Guide that says what it supports I emailed development to ask them. I will write back when I have an answer (which, as you demonstrated, is most likely going to be "Transparent DNS does not support IPv6 addresses"). It's either that or you typed the address wrong (but I don't believe that's the case).
Both 70103 and 832 support IPv6 addresses on the firewall. Just disregard what I said about BIND since you are not using it.
you are correct. we're using Transparent.
if it doesnt support IPv6 addresses, how will lookups occur? are the existing IPv4 DNS servers going to have to support IPv6 lookups or something? We dont control the DNS servers. The organization for which i work controls them. we simply leverage them for lookups.
at the same time, our Internal interface has IPv4 addresses for our local DNS servers - 192.168.100.x. Is the result going to be the same whereby the DNS servers have to somehow translate IPv6 requests?
sliedl - have you heard back from the dev team? If Transparent DNS doesnt support IPv6 does that mean i'll have to change to "firewall hosted"?
I have not had an answer back from my question to them. It appears that transparent DNS does not support IPv6 addresses. Therefore you must use IPv4 addresses.
ok, so how does IPv6 translation/lookups work then?