[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D Action:draft-endo-v6ops-dnsproxy-00.txt

To: IPv6 Operations <v6ops@ops.ietf.org>
Subject: Re: I-D Action:draft-endo-v6ops-dnsproxy-00.txt
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Date: Thu, 14 Aug 2008 11:09:02 +1200
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; b=lXkIEJ9WFBASCoUFC2jSiw5rhcVhF49dIasgp0rhyjwUNR/KNTHCDcDaWxCUjco70o f4Ox8oJh9TpkZzbGBra5/J0hd7rsW3R0b9qo7mqeM2kpQuONFf9PbrdkJ6GHwmb/F8KC 8ov/OD44XPllf4gIw9ZyEIuHdwWBqd6CZKIc8=
In-reply-to: <20080807080001.3AF353A6A6C@core3.amsl.com>
Organization: University of Auckland
References: <20080807080001.3AF353A6A6C@core3.amsl.com>
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

Hi,

I have a couple of comments on this, and a question.

> 3.2.  IPv4 Address Pool
> 
>    IPv4 Address Pool stores IPv4 addresses that are assigned to each
>    translator.  DNS Proxy selects an IPv4 address from it, and DNS Proxy
>    maps an IPv6 address to selected IPv4 address.
> 
>    The entry of this pool MUST have following information.
> 
> 
>          IPv4 Address:
>            This IPv4 address is used to map to an IPv6 address.
> 
>          Address Status:
>            This information indicates a status of this IPv4 address.
>            The status has two condition "Un-Mapped" and "Mapped".  If
>            Un-mapped status, DNS Proxy can select this entry to map.
>            Otherwise DNS Proxy cannot do it.
> 
>            Un-mapped:
>              This IPv4 address is not mapped.
>            Mapped:
>              This IPv4 address is already mapped.

If I understand this correctly, it means that the proposal only
allows exactly one IPv6 address to be mapped to one IPv4 address.
Since any deployment scenario I can imagine will have a shortage
of IPv4 addresses, it seems to me essential to support IPv4
address sharing and port mapping.

> 7.  Security Considerations
> 
>    TBD

You don't discuss DNSSEC, which is an essential issue for
the future. I don't think we can propose a solution without
DNSSEC support.

My question is, why not combine this draft with the DNS64
model in draft-bagnulo-behave-nat64?

    Brian

Follow-Ups:
- RE: I-D Action:draft-endo-v6ops-dnsproxy-00.txt
  - From: <Masahito.Endou@jp.yokogawa.com>

Prev by Date: FW: Last Call: draft-ietf-tcpm-tcp-soft-errors (TCP's Reaction to Soft Errors) to Informational RFC
Next by Date: RE: I-D Action:draft-endo-v6ops-dnsproxy-00.txt
Previous by thread: FW: Last Call: draft-ietf-tcpm-tcp-soft-errors (TCP's Reaction to Soft Errors) to Informational RFC
Next by thread: RE: I-D Action:draft-endo-v6ops-dnsproxy-00.txt
Index(es):
- Date
- Thread