IETF Logo Mail Archive

Re: [BEHAVE] DNS64 detecting dual stack clients

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 09 November 2011 03:40 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0762A11E8073 for <behave@ietfa.amsl.com>; Tue, 8 Nov 2011 19:40:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.493
X-Spam-Level:
X-Spam-Status: No, score=-103.493 tagged_above=-999 required=5 tests=[AWL=0.106, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id meJKSmYd1+ky for <behave@ietfa.amsl.com>; Tue, 8 Nov 2011 19:40:40 -0800 (PST)
Received: from mail-vw0-f44.google.com (mail-vw0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id 55A9521F8A7A for <behave@ietf.org>; Tue, 8 Nov 2011 19:40:40 -0800 (PST)
Received: by vws5 with SMTP id 5so1296246vws.31 for <behave@ietf.org>; Tue, 08 Nov 2011 19:40:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=us+BBMm32dZGuNT7TtRktAnk+PXlNfA7f3rEtdJ0I0U=; b=Sb04Sar6KsXYa6nO3cVXgj7k/SLsgsx9OFAuCn6TPd0yokIyNkd4lPJe5bhAarIfZw bBL/CUgv5DRtnxin1iG5y5W5dDBrgyA7xpT3QVB0gKLfE5J3S2SrNQFg0HBD7DVwqJQh ltBHmLARXjF2bYYUp9u00W5PQMkQrrSkEr4g8=
Received: by 10.52.37.36 with SMTP id v4mr1168938vdj.61.1320810039600; Tue, 08 Nov 2011 19:40:39 -0800 (PST)
Received: from [130.216.38.124] (stf-brian.sfac.auckland.ac.nz. [130.216.38.124]) by mx.google.com with ESMTPS id f7sm5508173vdj.13.2011.11.08.19.40.37 (version=SSLv3 cipher=OTHER); Tue, 08 Nov 2011 19:40:38 -0800 (PST)
Message-ID: <4EB9F630.4040008@gmail.com>
Date: Wed, 09 Nov 2011 16:40:32 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Andrew Sullivan <ajs@anvilwalrusden.com>
References: <4EB9E1E0.1070501@gmail.com> <20111109033003.GL78156@shinkuro.com>
In-Reply-To: <20111109033003.GL78156@shinkuro.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: behave@ietf.org
Subject: Re: [BEHAVE] DNS64 detecting dual stack clients
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Nov 2011 03:40:41 -0000

Andrew,

I should have started with a problem statement. The administrator
has to deal with a network with some dual stack hosts and some
IPv6-only hosts, only has the blunt instruments of DHCPv6 or RFC 6106
to tell the hosts about DNS servers, and doesn't know which
hosts are which.

Yes, it's a kludge on a kludge. It might just be preferable to the one
I've been arguing with Dan about (draft-wing-behave-dhcpv6-reconfigure),
but it's still a kludge.

   Brian

On 2011-11-09 16:30, Andrew Sullivan wrote:
> This is not to pick on Brian.  But he provides the occasion.
> 
> On Wed, Nov 09, 2011 at 03:13:52PM +1300, Brian E Carpenter wrote:
>> Maybe this has been discussed before, but it seems to me that a DNS64 can
>> figure out which clients are dual stack and act accordingly.
> 
> What is the "act accordingly" that is the right thing here?
> 
> <rant> 
> 
> I am sick unto death of suggestions to make DNS64+NAT64 work more
> reliably.  It is a nasty, 80% solution hack.  I cannot speak for
> anyone else involved with it, but to me it was _always_ supposed to be
> a nasty hack -- useful as a kind of field bandage for the most
> egregious problems caused by the fact that there was no real IPv4-IPv6
> upgrade path.  We live in a world with no more IPv4 network addresses
> and little IPv6 penetration; and also one where "the Internet", for
> many people, means "what I get in my browser."  I have taken as my
> motto a sort of Homer Simpson one: "Aim low."  If we can mostly fix
> things most of the time for the most common case, it's useful.  It's
> still a nasty hack, but it's useful for now.
> 
> </rant>
> 
> In my opinion, "act accordingly" is to get out one of those
> muzzle-loading-cannon-on-scissors that is so popular in Warner Bros
> cartoons, and shoot it at the network administrator who configured
> some poor slob's computer with a dual stack and a NAT64.
> 
> Any other case -- like solving the case where I somehow accidentally
> stumble onto a NAT64 network with an unmolested IPv4 connection that
> nobody knows about -- sounds to me like an optimization that shouldn't
> be considered.  If the complaint is, "Yes, but then people will use
> NAT when they don't have to," I express my doubts.  An infinitesimally
> small number of people use unmolested, NAT-free IPv4 today.  Those
> people already know how to cope with IPv6 and how to avoid sludge like
> NAT64.  Everybody else just has a crappy choice of NATs to make.
> 
> If the argument is instead that we can make protocols with embedded
> IPv4 literals in them work marginally better this way, then I suggest
> the additional complications are not worth making for protocols that
> are wrong in their conception to begin with.
> 
> Please, let us not fix something that is broken exactly as much as it
> ought to be.  The pig is wearing enough lipstick.  We should put away
> the cosmetics now.
> 
> A

v2.23.0 | Report a Bug | By Email