I have a mail server for which I need to create the AAAA DNS record and update the SPF record to include its IPv6 address.
An ifconfig command shows a Scope:Link IPv6 address and a Scope:Global IPv6 address. Which one should I put in the AAAA and SPF records?
The Scope:Global is a /128 address and the scope:Link a /64.
The Scope:Link address is a FE80 address which means none routable. Does it mean I have to put the Scope:Global address?
Best Answer
Yes, precisely so. The globally-scoped address is the one you advertise to the world (which in this case, means list in your
AAAArecord). The link-scoped address is a very useful feature of ipv6 which makes setting up point-to-point links elegant, but it isn't, as you say, globally-routable, and advertising it to the world will not get you any visitors.As for SPF, you would certainly want to list the globally-scoped address. I can't offhand think of any circumstances under which you would preferentially make connections to another local mail server from your link-scoped address, so I see no point in listing it, but others might know better than I (I'm talking to you, @SanderStefann).