IETF Logo Mail Archive

Re: [BEHAVE] I-D Action: draft-wing-behave-dhcpv6-reconfigure-00.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 09 November 2011 01:58 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EBBE21F8A55 for <behave@ietfa.amsl.com>; Tue, 8 Nov 2011 17:58:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.487
X-Spam-Level:
X-Spam-Status: No, score=-103.487 tagged_above=-999 required=5 tests=[AWL=0.112, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RYrADwEGDLte for <behave@ietfa.amsl.com>; Tue, 8 Nov 2011 17:58:32 -0800 (PST)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id 165BB21F8997 for <behave@ietf.org>; Tue, 8 Nov 2011 17:58:32 -0800 (PST)
Received: by vcbfk1 with SMTP id fk1so1141059vcb.31 for <behave@ietf.org>; Tue, 08 Nov 2011 17:58:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=3VcDoeftBruwrL/9vYZUDAhpmULDYysVkTqsrsT2prc=; b=lb+EyPd1Dv8+ziAmAgiuCaGm6HaGJwNomo0Ws/Rj9h3WjuKOpNyjDVmuZRXYCIsVYD O0w1BS4K/1c8aLcy2FUom2G3cmTOB0zKGLBop9naeErLHJngRtAmqdIGdGLoF5CFCZz7 1wUBtODKe1YyaneMDjNSjLvWrFtnKQed0l6VU=
Received: by 10.52.113.227 with SMTP id jb3mr790441vdb.15.1320803911549; Tue, 08 Nov 2011 17:58:31 -0800 (PST)
Received: from [130.216.38.124] (stf-brian.sfac.auckland.ac.nz. [130.216.38.124]) by mx.google.com with ESMTPS id p2sm5120370vdi.22.2011.11.08.17.58.27 (version=SSLv3 cipher=OTHER); Tue, 08 Nov 2011 17:58:30 -0800 (PST)
Message-ID: <4EB9DE53.70805@gmail.com>
Date: Wed, 09 Nov 2011 14:58:43 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Dan Wing <dwing@cisco.com>
References: <CAD4C50C.120E6%praspati@cisco.com> <4EAF0384.1050002@gmail.com> <1be201cc98b3$249d7a90$6dd86fb0$@com> <4EB6EBEB.2010600@gmail.com> <02f701cc9d89$5ad65ca0$108315e0$@com>
In-Reply-To: <02f701cc9d89$5ad65ca0$108315e0$@com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: 'Prashanth Patil' <praspati@cisco.com>, behave@ietf.org
Subject: Re: [BEHAVE] I-D Action: draft-wing-behave-dhcpv6-reconfigure-00.txt
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Nov 2011 01:58:33 -0000

Dan,

> Our proposal does not force dual-stack hosts to resolve DNS using
> IPv4 transport (DNS-over-IPv4).

I must have misunderstood again. It seems to me that this is exactly
the effect of the following process:

   1.  *IPv6-only transition to Dual-Stack* In case a host is IPv6-only
       to start off, it is provided a DNS64 Server.  When transitioning
       to dual-stack, a IPv4 DNS Server is assigned as a consequence of
       obtaining an IPv4 Address.  The DHCPv6 Relay Agent can detect
       this and send RELAY-RECONFIG message Section 4.1 to the DHCPv6
       Server indicating that the host needs to be needs to be provided
       with "normal" DNS Server followed by DNS64 server.

That would give it an IPv4-mapped address for DNS service, which it would
therefore access using native IPv4.

Regards
   Brian

On 2011-11-08 09:10, Dan Wing wrote:
>> -----Original Message-----
>> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com]
>> Sent: Sunday, November 06, 2011 12:20 PM
>> To: Dan Wing
>> Cc: 'Prashanth Patil'; behave@ietf.org
>> Subject: Re: [BEHAVE] I-D Action: draft-wing-behave-dhcpv6-reconfigure-
>> 00.txt
>>
>> On 2011-11-02 05:27, Dan Wing wrote:
>>>> -----Original Message-----
>>>> From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On
>>>> Behalf Of Brian E Carpenter
>>>> Sent: Monday, October 31, 2011 1:22 PM
>>>> To: Prashanth Patil
>>>> Cc: behave@ietf.org
>>>> Subject: Re: [BEHAVE] I-D Action: draft-wing-behave-dhcpv6-
>> reconfigure-
>>>> 00.txt
>>>>
>>>> I don't get it. If a host is dual stacked it can be configured with
>>>> any DNS server, as long as it is not a DNS64. If you can have a
>>>> DNS64 directly visible, and a v4-only DNS server directly visible,
>>>> you are on a dual stack network, so you can also have a dual stack
>>>> DNS server directly visible.
>>> It is anticipated that a network will have a mix of IPv4-only,
>>> IPv6-only, and dual-stack hosts.  The hosts don't know if they
>>> need a 'normal' DNS server or a DNS64, nor do we have a way
>>> to tell them the difference.
>> Indeed not, it is for the DHCPv6 server to ensure that the IPv6-only
>> hosts are pointed to the abnormal DNS server (i.e. the DNS64 server).
>> I'm left very uncomfortable by this kludge. Forcing dual-stack hosts
>> to resolve DNS via IPv4 seems backwards.
> 
> Our proposal does not force dual-stack hosts to resolve DNS using
> IPv4 transport (DNS-over-IPv4).
> 
>> Also, how will this help on a network that is using RFC 6106?
>> DHCPv6 isn't mandatory afaik.
> 
> The RA-versus-DHCPv6 controversy is not unique to this idea,
> of course.
> 
> Let's see if the idea has merit; if it does, we can describe
> how to provide similar functionality using unicast RA.
> 
> -d
> 
> 
>>     Brian
>>
>>> This I-D attempts to provide a solution to that problem of a
>>> network with a mix of hosts that need to be configured with a
>>> 'normal' DNS server and DNS64 server.  We believe the underlying
>>> idea (to "poke" a host to tell it something changed on the
>>> network) appears to have other applicability beyond the DNS/DNS64
>>> use-case, as well.
>>>
>>> -d
>>>
>>>
>>>> Regards
>>>>    Brian Carpenter
>>>>
>>>> On 2011-11-01 05:05, Prashanth Patil wrote:
>>>>> Hi Brian,
>>>>> The idea behind the proposal is to provision a means by which
>> traffic
>>>> is
>>>>> sent using IPv4 and not through the IPv6/IPv4 translator. The
>>>> advantage
>>>>> being that if NAT44 and NAT64 are deployed on the same network, it
>> is
>>>>> preferable to use NAT44 over NAT64 because of scale, performance
>> and
>>>>> application incompatibility issues (e.g., FTP) [RFC6384].
>>>>> A "normal" DNS server does not have DNS64 capability. The IPv4-
>> mapped
>>>>> address for this "normal" server ensures that it can be reached
>> only
>>>> by
>>>>> IPv4š. So if a host is IPv4-only, it will send a DNS query to the
>>>> "normal"
>>>>> server just to get the A records. If the host is dual-stack it will
>>>> also
>>>>> send a DNS query to the "normal" server to get both A and AAAA
>>>> records. If
>>>>> the destination address is an IPv4 address,  dual-stack host just
>>>> gets A
>>>>> records but not synthesized AAAA records. So this technique will
>>>> ensure that
>>>>> IPv4 is preferred over the IPv6/IPv4 translator prefix and also
>> gives
>>>> native
>>>>> IPv6 higher precedence than IPv4.
>>>>> If the host happens to be IPv6 only, then it cannot reach the
>>>> "normal"
>>>>> server because it has IPv4-mapped prefix as explained previously.
>> So
>>>> IPv6
>>>>> only host can only reach DNS64 server. So this host will send the
>> DNS
>>>> query
>>>>> to DNS64 to get AAAA records. Based on the destination address the
>>>> host will
>>>>> get IPv4-embedded IPv6 address or just the global IPv6 address.
>>>>>
>>>>> šNote: From RFC 6052
>>>>> ³When presented with the IPv4-mapped prefix, current versions of
>>>> Windows and
>>>>> Mac OS generate IPv4 packets, but will not send IPv6 packets.²
>>>>>
>>>>> -Prashanth
>>>>>
>>>>> On 22/10/11 6:20 AM, Brian E Carpenter wrote:
>>>>>> I have a basic question. Why does this draft define a 'normal'
>>>>>> DNS server as one having an IPv4-mapped IPv6 address?
>>>>>>
>>>>>> That seems like a completely *abnormal* DNS server for a dual
>>>>>> stack host. A dual stack host should normally have a DNS server
>>>>>> with a regular IPv6 address that will return both A and AAAA
>>>>>> records if they exist. Normally the server will be dual stacked
>>>>>> anyway, and will return exactly the same response whether the
>>>>>> query arrives via v4 or v6.
>>>>>>
>>>>>> A DNS server which only has an IPv4 address will also return
>>>>>> A and AAAA records if they exist, so there is absolutely no
>>>>>> difference as far as the dual stack host is concerned anyway.
>>>>>> So what is the point in using the IPv4-mapped address?
>>>>>>
>>>>>> Regards
>>>>>>     Brian
>>>>>>
>>>>>> On 2011-10-18 11:17, internet-drafts@ietf.org wrote:
>>>>>>> A New Internet-Draft is available from the on-line Internet-
>> Drafts
>>>>>>> directories.
>>>>>>>
>>>>>>>     Title           : DHCPv6 Dynamic Re-Configuration
>>>>>>>     Author(s)       : Dan Wing
>>>>>>>                            Tirumaleswar Reddy
>>>>>>>                            Prashanth Patil
>>>>>>>     Filename        : draft-wing-behave-dhcpv6-reconfigure-00.txt
>>>>>>>     Pages           : 10
>>>>>>>     Date            : 2011-10-17
>>>>>>>
>>>>>>>     Some networks are expected to support IPv4-only, dual-stack,
>>>> and
>>>>>>>     IPV6-only hosts at the same time.  This makes prioritizing
>> the
>>>> DNS
>>>>>>>     servers for hosts tricky due to a heterogeneous mix of
>> protocol
>>>>>>>     stacks causing optimal behavior to occur only when the host
>>>> stack re-
>>>>>>>     initializes.  The networks infrastructure is usually well
>>>> equipped to
>>>>>>>     be aware of single/dual-stack nature of hosts.  This
>>>> specification
>>>>>>>     extends DHCPv6 so that the DHCPv6 Relay Agent can dynamically
>>>>>>>     influence the priority of DNS servers provided to the host,
>> so
>>>> that
>>>>>>>     the host can use the optimal DNS server for resolution.
>>>>>>>
>>>>>>>
>>>>>>> A URL for this Internet-Draft is:
>>>>>>> http://www.ietf.org/internet-drafts/draft-wing-behave-dhcpv6-
>>>> reconfigure-00.t
>>>>>>> xt
>>>>>>>
>>>>>>> Internet-Drafts are also available by anonymous FTP at:
>>>>>>> ftp://ftp.ietf.org/internet-drafts/
>>>>>>>
>>>>>>> This Internet-Draft can be retrieved at:
>>>>>>> ftp://ftp.ietf.org/internet-drafts/draft-wing-behave-dhcpv6-
>>>> reconfigure-00.tx
>>>>>>> t
>>>>>>> _______________________________________________
>>>>>>> I-D-Announce mailing list
>>>>>>> I-D-Announce@ietf.org
>>>>>>> https://www.ietf.org/mailman/listinfo/i-d-announce
>>>>>>> Internet-Draft directories: http://www.ietf.org/shadow.html
>>>>>>> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>>>>>>>
>>>>>> _______________________________________________
>>>>>> Behave mailing list
>>>>>> Behave@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/behave
>>>>>
>>>> _______________________________________________
>>>> Behave mailing list
>>>> Behave@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/behave
>>>
> 
>

v2.23.0 | Report a Bug | By Email