Repeating so this gets tied to the draft name. Guidelines for DNS Resolvers states:
If a recursive DNS resolver runs in a network that uses XLAT [RFC6877], and the recursive DNS resolver is aware of the used PREF64 [RFC6146], it SHOULD synthesize mapped IPv6 addresses for remote authoritative DNS servers directly for DNS resolution, instead of relying on the socket translation layer of the operating system. A recursive DNS resolver SHOULD prefer non-synthesized IPv6 addresses over synthesized IPv6 addresses based on a PREF64. Additionally, the PREF64 in use MAY also be statically configured for the DNS resolver. I am going to be contrary here and say that DNS servers MUST NOT synthesis IPv6 address records from the PREF64 option. This is the wrong level of the stack to perform this translation as the DNS server is not an IP router and to do this properly the DNS server would need to process the kernels routing table. Just use the IPv4AAS built into the operating system as it reached via the routing table in the kernel. The DNS is an application that deals with IP literals. CLAT is the correct mechanism to deal with this with XLAT as is B4 with DS-Lite. For anyone here at IETF that has an OS that supports IPv6 mostly, connect the “ietf” network and fire up a DNS server and perform DNS lookups using that server. You will see that they just work regardless of whether the zones are served by IPv4 only, dual stack or IPv6 only. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
