
Re: "DNS-4to6 automatic mapping" - No more DNS-ALGs & 6then4 DNS queries



On 11/25/07, Christian Huitema <huitema@windows.microsoft.com> wrote:
> > For this, let's specify that a next release of the DNS software (BIND and
> > others) will have to include a DNS-4to6 AUTOMATIC MAPPING.
> > With it, an IPv6 RR is automatically created, within the DNS, for each
> > existing IPv4 RR, using for this the *mapped address format* of RFC
> > 2373.
>
> You can achieve pretty much the same result by placing the A records in the additional section of responses to AAAA queries, without creating a need for mapped addresses. This could be done very simply, but changing DNS implementations for IPv6 capable servers will only solve part of the operational problems encountered today.
>
> The worst case scenario happens when the target domain's server does not know about IPv6, and treats arrival of AAAA requests as some kind of error. Poorly implemented error paths can lead to bad behavior. For example, some servers responded with "no such name" instead of "no such record", leading clients to mistakenly abort HTTP queries. This is a much worse problem than simply having to repeat a query!
>
> These operational problems are direct consequences of the current IETF recommendation to always ask first for the AAAA record if the client is IPv6 capable. This is a very aggressive stance, designed to maximize the occurrence of IPv6 connections. If we wanted to smooth transition, we could take a softer stance, e.g. let dual-stack hosts only send AAAA queries if they can reasonably presume that the target server is IPv6 capable.


Out of curiosity: how would a machine determine what it can
"reasonably presume" to be IPv6 capable?  Some locally administrated
policy directives for the host's resolver?

Separately: I wonder if there was any discussion of creating a DNS rr
query type with the essential meaning "A*", i.e. give me A records,
AAAA, A6 (while they were being tried), hence A*.  (If there already
is such a thing I apologize profusely for my ignorance.)  The host or
application can then decide what to do with the returned results
according to local policy as implemented/implementable by the local
resolver.  Of course the same could be done with a single packet
exchange if the server could be relied upon to place extra records of
the non-queried-for type in the response, but saying that a
multiple-address-family-capable machine makes an A* query (instead of
AAAA) codifies the behaviour.  Random thought, I know.

-Erik
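
Added example, not part of the original thread: a sketch of how to tell the "no such name" failure described in the quoted message (RCODE 3, NXDOMAIN) apart from a correct "no such record" reply (RCODE 0 with an empty answer section) by reading the DNS header, and how to flag a server that denies a name for AAAA while serving A records for it. The responses are constructed test data for www.example.com, and build_response, classify and aaaa_breaks_name are hypothetical helper names.

```python
import struct

RCODE_NXDOMAIN = 3
QTYPE_A, QTYPE_AAAA = 1, 28

def build_response(qname, qtype, rcode, rdatas=()):
    """Build a minimal DNS response. Constructed sample data, not a capture."""
    flags = 0x8000 | 0x0400 | rcode            # QR=1 (response), AA=1, RCODE
    msg = struct.pack("!6H", 0x1234, flags, 1, len(rdatas), 0, 0)
    for label in qname.split("."):
        msg += bytes([len(label)]) + label.encode("ascii")
    msg += b"\x00" + struct.pack("!2H", qtype, 1)      # root label, QTYPE, IN
    for rdata in rdatas:
        # 0xc00c is a compression pointer back to the question name.
        msg += b"\xc0\x0c" + struct.pack("!2HIH", qtype, 1, 300, len(rdata)) + rdata
    return msg

def classify(msg):
    """Return 'answer', 'nodata', 'nxdomain' or 'error:<rcode>' from the header.

    Simplification (assumption): any answer record counts as 'answer'; a
    CNAME-only reply, which is also NODATA, is not examined.
    """
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    if not flags & 0x8000:
        raise ValueError("not a response")
    rcode = flags & 0x000F
    if rcode == RCODE_NXDOMAIN:
        return "nxdomain"                      # "no such name"
    if rcode != 0:
        return f"error:{rcode}"
    return "answer" if ancount else "nodata"   # nodata = "no such record"

def aaaa_breaks_name(aaaa_resp, a_resp):
    """True when the server denies the name for AAAA yet serves A records."""
    return classify(aaaa_resp) == "nxdomain" and classify(a_resp) == "answer"

NAME = "www.example.com"
GOOD_AAAA = build_response(NAME, QTYPE_AAAA, 0)              # correct: NODATA
BAD_AAAA = build_response(NAME, QTYPE_AAAA, RCODE_NXDOMAIN)  # the failure mode
A_RESP = build_response(NAME, QTYPE_A, 0, [bytes([192, 0, 2, 10])])

if __name__ == "__main__":
    for label, resp in (("good", GOOD_AAAA), ("bad", BAD_AAAA)):
        print(label, classify(resp), "broken:", aaaa_breaks_name(resp, A_RESP))
```
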