Hello, I too believe that it's far more common to find dual stack authoritative name servers than normal services. (number of AAAA records https://www.employees.org/~dwing/aaaa-stats/ <https://www.employees.org/~dwing/aaaa-stats/>)
However for normal services, an IPv6 only client under a NAT64 can use a DNS64 to acquire a translated IPv6 address to send packets to the IPv4 only server. There are some problems with DNS64/NAT64 that it cannot operate with literal addresses but if domain names are used an IPv6 only client should be able to work properly without IPv4 with the help of DNS64/NAT64. (This is the main part of my perspective and may be wrong. I have thought that services that do not work with DNS64/NAT64 are either using literal addresses or do not have IPv6 support yet. Please tell me if there are any other reasons for DNS64/NAT64 to fail) My other understanding (that may not be true) is that an iterative resolver is the only application that has the need to use an literal address directly, and cannot make use of Domain names. So my understanding is that a normal IPv6-only client doesn't need IPv4 to connect to IPv4 servers because it can use DNS64/NAT64. But an IPv6-only iterative resolver needs IPv4 because it cannot utilize DNS64. This is why we have submitted a draft to document an IPv6-only iterative resolver to do the DNS64 translation mechanism by itself. Currently some authoritative name servers operate only on IPv4. An IPv6-only iterative resolver that does not perform IPv4-to-IPv6 translation by itself cannot resolve such names. When I resolved top 500 domain names with an IPv6-only iterative resolver that does not perform address translation, 15% of the names could not be resolved compared to when an IPv4 iterative resolve was used. (I have not yet published any numbers in a formal way) Momoka On Mon, Oct 17, 2022 at 3:43 AM Joe Abley <jab...@hopcount.ca> wrote: > Hi again, > > On Oct 16, 2022, at 13:09, Momoka Yamamoto <momoka....@gmail.com> wrote: > > [...] However, we thought that in theory (but maybe not currently) an > iterative resolver is the only application that actually needs IPv4 to > operate. > > > I'm interested in this perspective. > > My feeling is that it's far more common to find dual-stack nameservers > reachable directly by v6-only and v4-only clients than it is to find > services that the requested names refer to that are dual-stack and > similarly reachable. On the face of it this seems like the opposite > assumption than the one you describe above. > > Do you have any data to support your perspective? This is an honest > question; to be clear, I have no data to support mine and I am very willing > to discover that I am wrong :-) > > > Joe > > >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
