Slide 1

DNS46 for the IPv4/IPv6 Stateless Translator X. Li, C. Bao 2009-11-08 Slide 2 2 Objects of this draft General DNS46 is considered harmful. NAT-PT was deprecated [RFC4966]RFC4966 However, the stateless translation requires not only the DNS64 but also the DNS46 supports. This is why we need to document a specific DNS46 tool somewhere. Slide 3 3 Scenarios and stateless solution Scenario 1 an IPv6 network to the IPv4 Internet Scenario 2 the IPv4 Internet to an IPv6 network Scenario 5 an IPv6 network to an IPv4 network Scenario 6 an IPv4 network to an IPv6 network xlate The IPv4 Internet An IPv6 Network (subset) DNS xlate An IPv6 Network (subset) DNS An IPv4 Network Ask for A Ask for AAAA Note that the xlate and DNS functions are decoupled. Slide 4 4 DNS function for the IPv4/IPv6 Stateless Translation Scenario 1: An IPv6 network to the IPv4 Internet DNS64 Synthesizing Scenario 2: The IPv4 Internet to an IPv6 network DNS46 Synthesizing/Authoritative Scenario 5: An IPv6 network to an IPv4 network DNS64 Synthesizing/Authoritative Scenario 6: An IPv4 network to an IPv6 network DNS46 Synthesizing/Authoritative Slide 5 5 DNS64 function for the IPv4/IPv6 Stateless Translation The DNS64 function, which is defined for the stateful translation in Scenarios 1, 3 and 5, can also be used for the stateless translation in Scenario 1 and 5. The DNS64 function is defined in DNS64 document [I-D.ietf-behave-dns64].I-D.ietf-behave-dns64 Slide 6 6 DNS46 function for the IPv4/IPv6 Stateless Translator (1) Static AAAA record This is very similar to the authoritative DNS configuration of the dual-stack hosts. However, The hosts are typically IPv6 single stack (or for some reason incapable of using IPv4 on a particular network) with AAAA record in the zone file. A record in the zone file can be derived from the AAAA record based on the algorithm and the PREFIX information [I-D.ietf-behave-address- format].I-D.ietf-behave-address- format Slide 7 7 DNS46 function for the IPv4/IPv6 Stateless Translator (2) Varying AAAA record If IPv6 host has a varying AAAA record (e.g. Dynamic DNS). Then, The hosts are typically IPv6 single stack (or for some reason incapable of using IPv4 on a particular network) with varying AAAA record. When the authoritative DNS receives a dynamic update containing AAAA record, it MUST synthesize corresponding A record before signing the zone, which can be derived based on the algorithm and the PREFIX information [I-D.ietf- behave-address-format].I-D.ietf- behave-address-format Slide 8 8 DNS46 function for the IPv4/IPv6 Stateless Translator (3) For Scenario 6 (an IPv4 network to IPv6 network), no matter it is static AAAA record or varying AAAA record. It is also possible to use DNS resolver The hosts are typically IPv6 single stack (or for some reason incapable of using IPv4 on a particular network) with AAAA record. The DNS resolver can synthesize the A record from the AAAA record based on the algorithm and the PREFIX information [I-D.ietf-behave-address- format].I-D.ietf-behave-address- format Slide 9 9 Remaining issues DNSSEC Authoritative is good for DNSSEC Synthesis is an interim solution to avoid forcing upgrading of authoritative DNS servers. Reverse DNS Since it is authoritative server, the reverse DNS is also under network operators control.