获取Hurricane Electric IPv6地址块#

1. 注册HE账号并获取IPv6地址块，教程参考这里2
2. 答题升级账号，升级过后第二天，就可以分配::48地址块了。获取到以后，请复制完整的IPv6地址块儿，例如2001:470:aa::/48

   1
   问题:How many bits are in an IPv6 address?
   2
   答案:128
   3
   
   4
   问题:Which of the following choices is a valid IPv6 address?
   5
   答案:2001:0db8:0:ff2e::1
   6
   
   7
   问题:How many /64 subnets are available in a /48 prefix?
   8
   答案:65536
   9
   
   10
   问题:How many available IPv6 addresses are there in a /64 allocation?
   11
   答案:18,446,744,073,709,551,616
   12
   
   259 collapsed lines
   13
   问题:What operating systems currently support IPv6?
   14
   答案:All of the these support IPv6
   15
   
   16
   问题:What features of IPv6 do you see yourself using?
   17
   答案:Larger Address Space
   18
   
   19
   问题:If you were setting up a network of 12 million hosts that all needed their own unique globally routable addresses, which protocol would you use?
   20
   答案:IPv6
   21
   Question 3
   22
   
   23
   问题:Do you plan on making sure your workplace is IPv6 ready before IPv4 exhaustion?
   24
   答案:Yes
   25
   
   26
   问题:Do you think that any of your co-workers or friends would find Hurricane Electric's IPv6 certification useful?
   27
   答案:Very much
   28
   
   29
   问题:Do you think you would benefit from using Hurricane Electric's free IPv6 certification process at work?
   30
   答案:Very much
   31
   
   32
   问题:Are you enjoying the Hurricane Electric IPv6 certification process?
   33
   答案:Very much
   34
   
   35
   问题:Did you like this level in the Hurricane Electric IPv6 certification process?
   36
   答案:Yes
   37
   
   38
   问题:Is the price right for the Hurricane Electric free IPv6 certification process?
   39
   答案:A great bargain
   40
   
   41
   问题:Does the network equipment you currently use support IPv6?
   42
   答案:All
   43
   
   44
   问题:With regards to the server configuration portion, what level of difficulty would you rate it?
   45
   答案:Trivial
   46
   
   47
   问题:Hurricane Electric would like to make sure you are completely happy with our free IPv6 certification process. Please rate your satisfaction on a scale of 1 to 5; 5 being completely satisfied, 1 being completely unsatisfied.
   48
   答案:5 - Completely Satisfied
   49
   
   50
   问题:Have you asked your provider about when they plan on supporting IPv6?
   51
   答案:Yes
   52
   
   53
   问题:Do you think that Internet oriented companies (software, hardware, or service providers) need to be IPv6 ready before IPv4 exhaustion?
   54
   答案:Yes
   55
   
   56
   问题:Do you feel like you learned (or refreshed) your knowledge by completing the Hurricane Electric IPv6 certification process?
   57
   答案:Very much
   58
   
   59
   问题:Are you able to understand the material?
   60
   答案:Yes
   61
   
   62
   问题:Do you feel good about the Hurricane Electric free IPv6 certification process?
   63
   答案:Yes
   64
   
   65
   问题:Have you asked your domain name registrar if they support IPv6?
   66
   答案:Yes
   67
   
   68
   问题:You request IPv6 glue for your nameservers through:
   69
   答案:The registrar of the domain used by your name servers
   70
   
   71
   问题:IPv6 glue for nameservers resides on which nameservers?
   72
   答案:The TLD/ccTLDs'
   73
   
   74
   问题:Which of the following queries proves working IPv6 glue?
   75
   答案:dig AAAA ns1.exampledomain.tld @tld.server
   76
   
   77
   问题:Which TLD listed below is authoritative for .com & .net IPv6 Glue?
   78
   答案:A.GTLD-SERVERS.net
   79
   
   80
   问题:What is another name sometimes used for A or AAAA nameserver glue records found in the top level domain zone files?
   81
   答案:host records
   82
   
   83
   问题:What is a registrar?
   84
   答案:An organization that is able to register domains
   85
   
   86
   问题:What is a registry?
   87
   答案:An organization responsible for operating the authorative nameservers and database for a top level domain
   88
   
   89
   问题:Why does getting AAAA records for your nameservers in the corresponding TLD (top level domain) zone matter?
   90
   答案:It enables entirely native IPv6 DNS queries and makes it possible for IPv6 only hosts to reach the nameservers for your domain, since they can't use glue that is just an A record.
   91
   
   92
   问题:IPv6 AAAA records have been added for several of the root nameservers.
   93
   答案:True
   94
   
   95
   ===========
   96
   问题:What command do you use to ping an IPv6 address on Free Open Source UNIX platforms such as Linux, FreeBSD, etc?
   97
   答案:ping6
   98
   
   99
   问题:What command do you use to traceroute to an IPv6 address on Free Open Source UNIX platforms such as Linux, FreeBSD, etc?
   100
   答案:traceroute6
   101
   
   102
   问题:What command do you use to ping an IPv6 address on a Microsoft Windows platform?
   103
   答案:ping
   104
   
   105
   问题:What command do you use to traceroute to an IPv6 address on a Microsoft Windows platform?
   106
   答案:tracert
   107
   
   108
   问题:IPv6 addresses are written using what number base?
   109
   答案:hexadecimal (base 16)
   110
   
   111
   问题:Hexadecimal digits are represented by:
   112
   答案:0 to 9 and A to F
   113
   
   114
   问题:On Redhat, CentOS, and Fedora Core systems that don't accept ::/0 as the IPv6 default route, which of the following should you use instead?
   115
   答案:2000::/3
   116
   
   117
   问题:When configuring forward DNS entries for use with an IPv6 address, what record type do you use?
   118
   答案:AAAA
   119
   
   120
   问题:When configuring reverse DNS with BIND for addresses in the IPv6 allocation 2001:A:B:C::/64, what is the correct format for the zone?
   121
   答案:C.0.0.0.B.0.0.0.A.0.0.0.1.0.0.2.ip6.arpa
   122
   
   123
   问题:What is the IPv6 default route?
   124
   答案:::/0
   125
   
   126
   问题:What is the IPv6 localhost address?
   127
   答案:::1/128
   128
   
   129
   问题:Which of the following is a link-local address?
   130
   答案:fe80::20c:dbff:fefb:232b
   131
   
   132
   问题:Which of the following URLs specifies a literal IPv6 address correctly?
   133
   答案:http://[2001:470:0:64::2]
   134
   
   135
   问题:Which of the following URLs specifies a literal IPv6 address and port number correctly?
   136
   答案:https://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]:443
   137
   
   138
   问题:If you run native IPv4 and IPv6 at the same time this is called:
   139
   答案:Dual stack
   140
   
   141
   问题:How do you use the dig command to get the IPv6 address record for domain he.net?
   142
   答案:dig he.net AAAA
   143
   
   144
   问题:How do you use the dig command to get the PTR record for the IPv6 address 2001:470:0:76::2?
   145
   答案:dig -x 2001:470:0:76::2
   146
   
   147
   问题:What command shows IPv6 addresses configured on ethernet interfaces under UNIX (Linux, FreeBSD, etc.)?
   148
   答案:ifconfig
   149
   
   150
   问题:What command shows IPv6 addresses configured on ethernet interfaces under Microsoft Windows?
   151
   答案:ipconfig
   152
   
   153
   问题:Under FreeBSD, what does the generic tunneling interface start with?
   154
   答案:gif
   155
   
   156
   问题:Under Linux, what kernel module needs to be loaded to support IPv6 networking?
   157
   答案:ipv6
   158
   
   159
   问题:Are routers allowed to fragment IPv6 packets?
   160
   答案:No
   161
   
   162
   问题:How many bytes are in an IPv6 address?
   163
   答案:16
   164
   
   165
   问题:How many /48 subnets are available in a /32 prefix?
   166
   答案:65536
   167
   
   168
   问题:Which protocol is used for manually configured tunnels?
   169
   答案:6in4
   170
   
   171
   问题:Which of the following is the IPv6 documentation prefix?
   172
   答案:2001:db8::/32
   173
   
   174
   问题:Which of the following is the IPv6 link-local prefix?
   175
   答案:fe80::/10
   176
   
   177
   问题:Which of the following is the IPv6 multicast prefix?
   178
   答案:ff00::/8
   179
   
   180
   问题:Which of the following is the IPv6 ULA (unique local addresses) prefix?
   181
   答案:fc00::/7
   182
   
   183
   问题:Which of the following is a subnet of 2001:db8::/32?
   184
   答案:2001:db8:7fa5::/48
   185
   
   186
   问题:On Linux, how would you traceroute to the IPv6 address of he.net?
   187
   答案:traceroute6 he.net
   188
   
   189
   问题:On Windows Vista, how would you traceroute to the IPv6 address of he.net?
   190
   答案:tracert he.net
   191
   
   192
   问题:On Linux, what is the IPv6 ping command?
   193
   答案:ping6
   194
   
   195
   问题:Which command forces the UNIX command ssh to use IPv6 to connect to example.com (useful for domains with both A and AAAA records)?
   196
   答案:ssh -6 example.com
   197
   
   198
   问题:You would force the UNIX command ssh to use IPv4 (useful if it had both A and AAAA records) to connect to example.com using which command?
   199
   答案:ssh -4 example.com
   200
   
   201
   问题:Which command forces the UNIX command wget to use IPv6 to make a HTTP GET request to he.net (useful for domains with both A and AAAA records)?
   202
   答案:wget -6 he.net
   203
   
   204
   问题:Which command forces the UNIX command wget to use IPv4 to make a HTTP GET request to he.net (useful for domains with both A and AAAA records)?
   205
   答案:wget -4 he.net
   206
   
   207
   问题:Which command forces the UNIX command mtr to use IPv6 to traceroute to he.net (useful for domains with both A and AAAA records)?
   208
   答案:mtr -6 he.net
   209
   
   210
   问题:Which command forces the UNIX command mtr to use IPv4 to traceroute to he.net (useful for domains with both A and AAAA records)?
   211
   答案:mtr -4 he.net
   212
   
   213
   问题:When using basic auto-configuration, what is used from the host to configure the last 64bits of the IPv6 address?
   214
   答案:The MAC address of the ethernet interface
   215
   
   216
   问题:A MAC address is only 48bits. So when using basic auto-configuration, what is used to fill in the missing 16bits?
   217
   答案:FFFE
   218
   
   219
   问题:On many routers, which one of the following commands is used to configure an IPv6 address on an interface?
   220
   答案:ipv6 address 2001:A:B:C::1/64
   221
   
   222
   问题:What is the length of an IPv6 packet header?
   223
   答案:40 bytes
   224
   
   225
   问题:Which of the following organizations assigns IPv6 addresses?
   226
   答案:All of the above
   227
   
   228
   问题:What protocol number is used for 6in4 IPv4 packets?
   229
   答案:41
   230
   
   231
   问题:Which of the following is the 6to4 IPv6 prefix?
   232
   答案:2002::/16
   233
   
   234
   问题:Which of the following well-known prefixes is used for Teredo?
   235
   答案:2001:0000::/32
   236
   
   237
   问题:Which of the following is an IPv4-mapped IPv6 address?
   238
   答案:::ffff:10.10.10.2
   239
   
   240
   问题:On operating systems that support it, IPv4-mapped IPv6 addresses are used to:
   241
   答案:map IPv4 addresses to an IPv6 address to make it so that IPv6 socket system calls can be used with both IPv4 or IPv6 addresses
   242
   
   243
   问题:Which of the following is an IPv4-compatible IPv6 address?
   244
   答案:::10.10.10.2
   245
   
   246
   问题:IPv4-compatible IPv6 addresses are deprecated in RFC 4291.
   247
   答案:True
   248
   
   249
   问题:Should you ever see packets with IPv4-mapped IPv6 addresses on the wire (outside of a host)?
   250
   答案:No
   251
   
   252
   问题:Which version of OSPF supports IPv6?
   253
   答案:OSPFv3
   254
   
   255
   问题:Which of the following can be used by an IPv6 host to learn the address of a default gateway?
   256
   答案:neighbor discovery protocol
   257
   
   258
   问题:Which of the following can be used by a host to learn its own IPv6 address?
   259
   答案:stateless autoconfiguration
   260
   
   261
   问题:If you translate IPv4 packets to IPv6 or IPv6 packets to IPv4, this is called:
   262
   答案:NAT64/DNS64/DS-Lite
   263
   
   264
   问题:On many routers, what command shows IPv6 routes?
   265
   答案:show ipv6 route
   266
   
   267
   问题:On many routers, what command shows IPv6 BGP sessions?
   268
   答案:show ipv6 bgp summary
   269
   
   270
   问题:On many routers, what command shows IPv6 BGP routes?
   271
   答案:sh ipv6 bgp
   

添加域名#

1. 输入复制的IPv6地址块，进行转换，然后复制转换出来的数据

   IPv6 rDNS 转换器

   IPv6 地址块 (例如: 2001:db8:bbcc::/48)

   IPv6 地址块 (例如: 2001:db8:bbcc::/48)

   输入 IPv6 地址块以查看其 rDNS 格式。自动补0填充。

   转换结果:

   a.a.0.0.0.7.4.0.1.0.0.2.ip6.arpa
   Invalid admonition directive. (Admonition directives must be of block type ":::note{name="name"} <content> :::")
   转换时会自动补0，无需手动补齐 :::
2. 前往Cloudflare添加域名，输入刚才转换出来的内容，进行注册
3. 注册完成后，前往Hurricane Electric控制台，把上一步骤最后获得的NameServer填入到rDNS部分（最后不要忘记点Save!）
4. 基本五分钟内，Cloudflare里就会显示active了，如果一直没有action，请从头检查一遍。
5. 至此，你就已经获得了一个近乎永久的域名了，但是我为什么说是可以获得无限的域名呢。注意到我为什么一直在强调地址块儿吗？因为你可以随意划分子网段，就又可以获得新的域名了。例如地址块2001:470:aa::/48，我可以再划分出2001:470:aa:1::/64，2001:470:aa:2::/64，2001:470:aa:3::/64…下面我以2001:470:aa:1::/64为例，继续演示如何获得新的域名。

获取更多域名#

1. 重复上面的步骤1，把2001:470:aa:1::/64转换成rDNS格式
2. 重复上面的步骤2，在Cloudflare注册新的域名
3. 此时，不要把分配的ns服务器填到Hurricane Electric控制台，而是直接在Cloudflare里，::/48IPv6段对应的域名下下添加NS记录，指向刚才注册的域名的ns服务器
4. 等待生效即可。
5. ::/64段同理。生成更长的域名也可以，操作都是一样的。

虽然这些域名也没啥用，但是拿来当Cloudflare优选域名还是可以的。毕竟不要钱，而且还想生成多少就多少，只要he.net不倒闭或者不收回ipv6地址块儿就行了。（感觉he倒的可能性比大部分大型公司概率都低捏）。

为什么可以这么做从而获得一个域名 - Gemini 2.5 Pro回答

核心概念：所有权与授权 (Delegation)#

• 传统域名 (.com, .net): 你通过注册商（如 GoDaddy）向注册局（如 Verisign）付费购买一个域名的使用权。你拥有的是一个“名字”。
• rDNS 域名 (.ip6.arpa): 你不购买这个域名。你获得它的控制权，是因为你被分配了对应的 IP 地址块。IP 地址的所有权 = 对应 rDNS 域名的控制权。

整个过程是一条清晰的授权链 (Chain of Delegation)。

---

第一步：全球最高权威 - IANA#

1. IANA (互联网号码分配局) 是互联网世界的最高管理者。它管理着所有的 IP 地址资源和根域名，包括特殊的 .arpa 顶级域。
2. .ip6.arpa 这个顶级域就是 IANA 专门设立用来做 IPv6 反向解析的。

可以把 IANA 想象成全球土地管理局，它拥有地球上所有的土地（IP 地址），并且制定了“门牌号反查房主”的规则（rDNS）。

第二步：区域权威 - RIRs (如 ARIN)#

1. IANA 不会直接把 IP 地址分给个人或小公司，太琐碎了。它会把巨大的 IP 地址块（比如 2001::/16）和对应的 .ip6.arpa 管理权，授权给五大区域互联网注册机构 (RIRs)。例如，北美的 ARIN、欧洲的 RIPE NCC 等。

2. 所以，当 IANA 把 2001:470::/32 这个巨大的地址块分给 ARIN 时，它同时也把 0.7.4.0.1.0.0.2.ip6.arpa 这个 rDNS 区域的管理权委托 (Delegate) 给了 ARIN。

现在，ARIN 就像是北美洲土地管理局。它管理着北美洲的所有土地（IPs），并且有权决定这片土地上“门牌号反查房主”的具体记录。

第三步：本地权威 - Hurricane Electric (HE)#

1. ARIN 也不会直接给终端用户分 IP。它会把更小一些的地址块（比如 HE 拥有的 2001:470::/32）分配给像 HE 这样的大型网络服务提供商 (ISP/LIR)。
2. 同样，当 ARIN 把 2001:470::/32 分给 HE 时，也把 0.7.4.0.1.0.0.2.ip6.arpa 的管理权委托给了 HE。
3. HE 的 DNS 服务器上现在就有了权威记录，告诉全世界：“0.7.4.0.1.0.0.2.ip6.arpa 这个区域归我管！”

现在，HE 就像是一个大型房地产开发商。它从洲际管理局那里拿到了一大片地，现在有权将这片地分割成小块（比如 /48 的地块）分给客户。

第四步：最终用户 - 你#

1. 你向 HE 申请了一个 /48 的地址块，比如 2001:470:aa::/48。
2. HE 把这个 IP 地址块的使用权给了你。根据“IP所有权 = rDNS控制权”的原则，HE 也必须把这个 IP 块对应的 rDNS 区域的管理权交给你。这个区域就是 a.a.0.0.0.7.4.0.1.0.0.2.ip6.arpa。
3. 但是，HE 如何把管理权交给你呢？ 它不可能让你直接修改它的 DNS 服务器。它通过一种标准的 DNS 机制——NS 记录委托。

现在，你就是这个地块的主人。开发商（HE）给了你地契，并且在自己的总规划图上标注：“这块地 (/48) 的具体事务（DNS 解析），别问我，去问地主指定的新管家（Cloudflare）。”

---

你的操作与授权链的对应关系#

现在我们把你教程里的步骤串起来，就一目了然了：

1. 你去 Cloudflare 添加站点 (a.a...ip6.arpa)。

   • 你在做什么： 你在告诉 Cloudflare：“你好，我马上要雇佣你做我的新管家，来管理我的这块地。你的门牌号（NameServer 地址）是多少？”
   • Cloudflare 回答：“好的，我的门牌号是 dave.ns.cloudflare.com 和 macy.ns.cloudflare.com。你快去开发商那里登记一下，告诉他们以后有事找我。”

2. 你回到 HE 控制台，在 rDNS 部分填入 Cloudflare 的 NameServer。

   • 你在做什么： 这就是最关键的行使授权的一步！你对开发商 HE 说：“关于我那块地 (a.a...ip6.arpa) 的所有 DNS 查询，请不要再由你来回答了。请你委托给我的新管家 dave.ns.cloudflare.com。”
   • HE 在后台做什么： HE 在它自己的 DNS 服务器（0.7.4.0.1.0.0.2.ip6.arpa 区域的权威服务器）里，为你对应的子域添加了两条 NS 记录：

     1
     a.a.0.0.0.7.4.0.1.0.0.2.ip6.arpa. IN NS dave.ns.cloudflare.com.
     2
     a.a.0.0.0.7.4.0.1.0.0.2.ip6.arpa. IN NS macy.ns.cloudflare.com.
     

     这个记录向全世界宣告：想知道 a.a...ip6.arpa 及其所有子域（比如 1.0.0.0.a.a...ip6.arpa）的任何信息，请去问 dave.ns.cloudflare.com。

3. Cloudflare 显示 Active。

   • 发生了什么： Cloudflare 会定期检查全球 DNS 系统。它发现 HE 已经成功地将对你那个 rDNS 域名的查询权指向了自己。授权验证通过，它正式上岗，开始为你管理这个“域名”。