RE: ocean: do not boil

[Margaret Wasserman <mrw@windriver.com>]

Hi Erik,

> Overall these are good questions.
> However, some details are muddled due to us having both NAT-PT and NAT64
> and they work slightly differently. Example below.
I agree.  In retrospect, I probably should not have tried to lump
the NAT-PT and NAT64 cases together, because of the DNS differences that
you have outlined.

> For that reason it might make to look very hard at the use of off the shelf
> NATv4 technology combined with an IPv6 router.
Right.  We should at least consider parallel IPv4 and IPv6 infrastructure
as part of the solution space when customers need to access IPv4 and IPv6
services from the same site.

We may need to compare this solution to other solutions on a case-by-case
basis, depending upon the scenario we are discussing, especially if there
are significant differences in scalability, performance, etc.

>  - NAT-PT ensures, using the DNS ALG, that the host only receives AAAA 
> records,
>    thus the host doesn't do anything special.
And, if the application tries to send to an IPv4 address?  Would it just
fail with "no route to address", or something like that?

>  - A host with NAT64 support would receive A records thus presumably it
>    would determine to send using IPv6 based on the fact that it doesn't
>    have any configured IPv4 addresses (or no IPv4 routers in the routing
>    table, or an implementation specific knob).
Right, and this is the part that raises my concerns...  In order for a
dual-stack node to exist in this environment, it would need to have two
different "modes" of operation -- one where all A records are translated
to AAAA records (if behind NAT-PT), and one where the A records result
in IPv4 traffic (when on an IPv4 network).  How would the node decide
which "mode" it should be using?

Margaret