In message <[email protected]>, Sander Steffann writes: > Hi Mark, > > > I presume the configuration was: > > > > Internet <-> ISP validating DNS64 <-> clients. > > Correct > > > That's the trivial configuration. > > > > You need to think about all the other ways networks are set up today. > > > > Internet <-> ISP validating DNS64 <-> validating recursive server <-> > clients. > > Internet <-> ISP validating DNS64 <-> validating recursive server <-> > validating clients. > > Those setups are so uncommon in the places where DNS64 is used that it > causes no problems.
Except people seem to think that NAT64/DNS64 and 464XLAT is a good future solution to the places where the above without DNS64 is currently in use today. We need to be delivering tech today that will work when the ISPs that are currently IPv4-only or dual stack today become IPv6-only tomorrow. Those ISPs have people with validating resolvers that point at the ISP's resolvers or they point to resolvers like Google's 8.8.8.8 service or they just talk directly to the root servers. Not all of those validating resolvers are on border routers. Now the resolvers that use 8.8.8.8 just need to add 2001:4860:4860::8888 to the list of forwarders to work in a IPv6-only environment. Those that talk directly to the root need to add a server of last resort like 2001:4860:4860::8888 so they can lookup data from zones with IPv4 only servers. We added code to our nameserver product over a decade ago to support this sort of behaviour. We knew that recursive servers would end up behind IPv6-only links that needed to lookup data from IPv4-only zones. Mark > I realise that there are plenty of ways this can break, but in reality it > works pretty well. But I agree it's a hack and the sooner we can get rid > of IPv4 the better. In that context I'll happily use it. > > Cheers, > Sander > > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ sunset4 mailing list [email protected] https://www.ietf.org/mailman/listinfo/sunset4
