[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: "DNS-4to6 automatic mapping" - No more DNS-ALGs & 6then4 DNS queries



Christian Huitema wrote :
> > For this, let's specify that a next release of the DNS sotware (BIND and
> > others) will have to include a DNS-4to6 AUTOMATIC MAPPING.
> > With it, an IPv6 RR is automatically created, within the DNS, for each
> > existing IPv4 RR, using for this the *mapped address format* of RFC
> > 2373.

In my understanding, the solution I propose has the following advantages, compared to your alternative:
 -  It lets IPv6 only applications to be "really" IPv6-only, and yet to be able to use IPv4 transport if they are in a host having dual stack transport.
 -  Rather than"creating a need for mapped addresses", my solution is simply an application of RFC 2553 section 3.7 ("Compatibility with Ipv4 nodes").
 -  It requires no change of any protocol (the DNS response format remains as is).
 -  It requires no change in host software.


> You can achieve pretty much the same result by placing the A records in the additional section of responses to AAAA queries, without creating a need for mapped addresses. This could be done very simply, but changing DNS implementations for IPv6 capable servers will only solve part of the operational problems encountered today.

I suppose you are not suggesting that existence of other problems, even if they are worse, would justify not to make IPv6-only applications possible.
IMO, bugged DNS servers have to be fixed (otherwise standards lose their power).
 
> The worst case scenario happens when the target domain's server does not know about IPv6, and treat arrival of AAAA requests as some kind of error. Poorly implemented error paths lead can lead to bad behavior. For example, some servers responded with "no such name" instead of "no such record", leading clients to mistakenly abort HTTP queries. This is a much worse problem than simply having to repeat a query!
> 
> These operational problems are direct consequences of the current IETF recommendation to always ask first for the AAAA record if the client is IPv6 capable. This is a very aggressive stance, designed to maximize the occurrence of IPv6 connections. If we wanted to smooth transition, we could take a softer stance, e.g. let dual-stack hosts only send AAAA queries if it can reasonably presume that the target server is IPv6 capable.

The "current IETF recommendation" seems to me the "right one".
It favors a return to real End-to-End operation, using IPv6, while IPv4-address shortage has led to wide-spread NAT traversal.
As such it can be seen as favoring progress toward the paradise of a "simple again Internet".

Regards.

Rémi



 Créez votre adresse électronique prénom.nom@laposte.net 
 1 Go d'espace de stockage, anti-spam et anti-virus intégrés.