AAAA Records (IPv6)¶

AAAA records map domain names to IPv6 addresses. They are the IPv6 equivalent of A records.

Creating an AAAA Record¶

apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: www-example-ipv6
  namespace: dns-system
  labels:
    zone: example.com  # Used by DNSZone selector
spec:
  name: www
  ipv6Address: "2001:db8::1"
  ttl: 300

This creates www.example.com -> 2001:db8::1.

How Records Are Associated with Zones¶

Records are discovered by DNSZones using label selectors. The DNSZone must have a recordsFrom selector that matches the record's labels:

# DNSZone with selector
apiVersion: bindy.firestoned.io/v1beta1
kind: DNSZone
metadata:
  name: example-com
spec:
  zoneName: example.com
  clusterRef: production-dns
  recordsFrom:
    - selector:
        matchLabels:
          zone: example.com  # Selects all records with this label
  soaRecord:
    primaryNs: ns1.example.com.
    adminEmail: admin.example.com.
    serial: 2024010101
---
# Record that will be selected
apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: www
  labels:
    zone: example.com  # ✅ Matches selector above
spec:
  name: www
  ipv6Address: "2001:db8::1"

See Label Selector Guide for advanced patterns.

Root Record¶

For the zone apex (example.com):

apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: root-example-ipv6
  namespace: dns-system
  labels:
    zone: example.com
spec:
  name: "@"
  ipv6Address: "2001:db8::1"

Multiple AAAA Records¶

Create multiple records for the same name for load balancing:

kubectl apply -f - <<EOF
apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: www-ipv6-1
  namespace: dns-system
  labels:
    zone: example.com
spec:
  name: www
  ipv6Address: "2001:db8::1"
---
apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: www-ipv6-2
  namespace: dns-system
  labels:
    zone: example.com
spec:
  name: www
  ipv6Address: "2001:db8::2"
EOF

DNS clients will receive both addresses (round-robin load balancing).

Dual-Stack Configuration¶

For dual-stack (IPv4 + IPv6) configuration, create both A and AAAA records:

# IPv4
apiVersion: bindy.firestoned.io/v1beta1
kind: ARecord
metadata:
  name: www-ipv4
  namespace: dns-system
  labels:
    zone: example.com
spec:
  name: www
  ipv4Address: "192.0.2.1"
  ttl: 300
---
# IPv6
apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: www-ipv6
  namespace: dns-system
  labels:
    zone: example.com
spec:
  name: www
  ipv6Address: "2001:db8::1"
  ttl: 300

Clients will use IPv6 if available, falling back to IPv4 otherwise.

IPv6 Address Formats¶

IPv6 addresses support various formats:

# Full format
ipv6Address: "2001:0db8:0000:0000:0000:0000:0000:0001"

# Compressed format (recommended)
ipv6Address: "2001:db8::1"

# Link-local address
ipv6Address: "fe80::1"

# Loopback
ipv6Address: "::1"

# IPv4-mapped IPv6
ipv6Address: "::ffff:192.0.2.1"

Common Use Cases¶

Web Server¶

apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: web-ipv6
  namespace: dns-system
  labels:
    zone: example.com
spec:
  name: www
  ipv6Address: "2001:db8:1::443"
  ttl: 300

API Endpoint¶

apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: api-ipv6
  namespace: dns-system
  labels:
    zone: example.com
spec:
  name: api
  ipv6Address: "2001:db8:2::443"
  ttl: 60  # Short TTL for faster updates

Mail Server¶

apiVersion: bindy.firestoned.io/v1beta1
kind: AAAARecord
metadata:
  name: mail-ipv6
  namespace: dns-system
  labels:
    zone: example.com
spec:
  name: mail
  ipv6Address: "2001:db8:3::25"
  ttl: 3600

Best Practices¶

Use compressed format - 2001:db8::1 instead of 2001:0db8:0000:0000:0000:0000:0000:0001
Dual-stack when possible - Provide both A and AAAA records for compatibility
Match TTLs - Use the same TTL for A and AAAA records of the same name
Test IPv6 connectivity - Ensure your infrastructure supports IPv6 before advertising AAAA records

Status Monitoring¶

Check the status of your AAAA record:

kubectl get aaaarecord www-ipv6 -o yaml

Look for the status.conditions field:

status:
  conditions:
    - type: Ready
      status: "True"
      reason: ReconcileSucceeded
      message: "Record configured on 3 endpoint(s)"
      lastTransitionTime: "2024-11-26T10:00:01Z"
  observedGeneration: 1

Troubleshooting¶

Record not resolving¶

Check record status:

kubectl get aaaarecord www-ipv6 -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}'

Verify zone exists:
```
kubectl get dnszone example-com
```

Test DNS resolution:

dig AAAA www.example.com @<dns-server-ip>

Invalid IPv6 address¶

The operator validates IPv6 addresses. Ensure your address is in valid format: - Use compressed notation: 2001:db8::1 - Do not mix uppercase/lowercase unnecessarily - Ensure all segments are valid hexadecimal

Next Steps¶

DNS Records Overview - Complete guide to all record types
MX Records - Mail exchange records
TXT Records - Text records for SPF, DKIM, etc.
Monitoring DNS - Monitor your DNS infrastructure