Re: [BEHAVE] [v6ops] New Version Notification for draft-momoka-v6ops-ipv6-only-resolver-00.txt
Mark Andrews <marka@isc.org> Mon, 10 October 2022 01:25 UTC
Return-Path: <marka@isc.org>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0EA1DC14F746; Sun, 9 Oct 2022 18:25:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isc.org header.b=UKXXyXQ4; dkim=pass (1024-bit key) header.d=isc.org header.b=OTr5OsbH
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l2xNY4LxqVrQ; Sun, 9 Oct 2022 18:25:00 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.64.53]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0136C14F735; Sun, 9 Oct 2022 18:24:59 -0700 (PDT)
Received: from zimbrang.isc.org (zimbrang.isc.org [149.20.1.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx.pao1.isc.org (Postfix) with ESMTPS id A70A83AB007; Mon, 10 Oct 2022 01:24:57 +0000 (UTC)
ARC-Filter: OpenARC Filter v1.0.0 mx.pao1.isc.org A70A83AB007
Authentication-Results: mx.pao1.isc.org; arc=none smtp.remote-ip=149.20.1.12
ARC-Seal: i=1; a=rsa-sha256; d=isc.org; s=ostpay; t=1665365097; cv=none; b=Dnl3PCWJj47UXkGx1XrG4EU4Z/AeIQemEKxVDJyK9hWlPasHE1C4AXK4BJRRRpKl5IBgzDVMO1WmquYU6CP5aXhXVWh+kTbiGanlUCnBvmhVSz5id8fgje+HDzAZ69SLLfGf8Wm2QfJU4NVoUS/oB+snT5GKWLODo3s6rDE+0v4=
ARC-Message-Signature: i=1; a=rsa-sha256; d=isc.org; s=ostpay; t=1665365097; c=relaxed/relaxed; bh=2Hpkh+Xq2GHey6Qni6I3FNPV63yK4QY1orzomZFKsmU=; h=DKIM-Signature:DKIM-Signature:Mime-Version:Subject:From:Date: Message-Id:To; b=GBXjZg5RKV4bcaGV2JRjNqMjxc+m8Z2M2ANe1WqC25JeweTkVaKNFgOyrdZmM7rUM5z35NkpWqOmMLV3p0BLLOgJWgvI4hMeHR0MvYcCsNwhOO8H2FmFbO9hFHceykUwadHSn2ITup8kvA9GELmqQvsMJZmGrQI4jiXiYi7mBtE=
ARC-Authentication-Results: i=1; mx.pao1.isc.org
DKIM-Filter: OpenDKIM Filter v2.10.3 mx.pao1.isc.org A70A83AB007
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=isc.org; s=ostpay; t=1665365097; bh=YS6oX0qelprLE9Ix4AxX0onksTsro1i6tuaC4UuN6CQ=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=UKXXyXQ4jtAMF8klggkAqFOzst+wKg9O8cwEfCwFb/PV18+fOwaMrXbjQTUf7XiMR Ni8RDhoqhlKdW40+o5CSitqvVEG7gSEfb+1QOWvjpsF9bu1+IVr389GLKrERdjhAEu Kg0fbqnks7WG4uNX20FkdijPhoFa1KMt4n7cQdOs=
Received: from zimbrang.isc.org (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTPS id 8067EB40308; Mon, 10 Oct 2022 01:24:57 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTP id 330A0B40309; Mon, 10 Oct 2022 01:24:57 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.10.3 zimbrang.isc.org 330A0B40309
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=05DFB016-56A2-11EB-AEC0-15368D323330; t=1665365097; bh=2Hpkh+Xq2GHey6Qni6I3FNPV63yK4QY1orzomZFKsmU=; h=Mime-Version:From:Date:Message-Id:To; b=OTr5OsbH8h1dZy8Y/+BRfGns5XiAxPvQJMj6JL3Qt/Da07dk6OeXBtOxKDd0PG+5M yPvaTHshbY5r+EttDax9t8I2Qozi9kx5Q1HpEfhQLt5PlI+KoX4Lpunpo/VsA7Ztn5 Y6Hm3bqwFGmPGaFJr/n8aoIJMizUWgPn4GXO1Nhg=
Received: from zimbrang.isc.org ([127.0.0.1]) by localhost (zimbrang.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id mBUgeB_1iT-s; Mon, 10 Oct 2022 01:24:57 +0000 (UTC)
Received: from smtpclient.apple (n49-187-27-239.bla1.nsw.optusnet.com.au [49.187.27.239]) by zimbrang.isc.org (Postfix) with ESMTPSA id 841B1B40308; Mon, 10 Oct 2022 01:24:55 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
From: Mark Andrews <marka@isc.org>
In-Reply-To: <CAD9w2qZcpXHtLJ_e339vXNcngWLUUX=2QkvJK+Ft2rHUpPybVw@mail.gmail.com>
Date: Mon, 10 Oct 2022 12:24:52 +1100
Cc: dnsop <dnsop@ietf.org>, 6man list <ipv6@ietf.org>, behave@ietf.org, v6ops@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <B5053FB6-CA61-44F6-9950-2B34F05C0A8B@isc.org>
References: <166499026925.13796.13915421299077027396@ietfa.amsl.com> <CAD9w2qaiUypShb15E14sv8D0xaFw7QAoJ7QUmv2EXdaFvtM5+Q@mail.gmail.com> <A1DD12C9-6E0C-47DB-8214-4085BE612F8F@isc.org> <CAD9w2qZcpXHtLJ_e339vXNcngWLUUX=2QkvJK+Ft2rHUpPybVw@mail.gmail.com>
To: Momoka Yamamoto <momoka.my6@gmail.com>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/behave/jC1HqVWBsItaSyBWt8gTv82xr9c>
Subject: Re: [BEHAVE] [v6ops] New Version Notification for draft-momoka-v6ops-ipv6-only-resolver-00.txt
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/behave/>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Oct 2022 01:25:05 -0000
> On 9 Oct 2022, at 04:58, Momoka Yamamoto <momoka.my6@gmail.com> wrote: > > > re: Mark Andrews 's comments > > this is yet another example of why DNS64 should be made historic. > > This is requesting even more support to work around problems introduced by DN64, a poorly thought out, supposedly short term hack. > > We did not write this draft thinking DNS64 has a problem. I didn’t think you did but it highlights the problems with DNS64. DNS64 does not work with address literals. > We thought that IPv6-only iterative resolvers not existing because of IPv4-only authoritative servers is a problem, and wanted a way to solve it from the resolver side and not only from the network side (e.g. using 464XLAT). Why do you think that promoting this niche fix is better that promoting that OS’s support 464XLAT, DS-Lite at the OS level? The later fixes the issues for every application on the node. We have well specified signalling for when a node to bring up 464XLAT, MAP-E, MAP-T, DS-Lite. We should be encouraging nodes to do just that when the signalling is present. We should be encouraging CPE router vendors to support copying the signalling from the ISP side to the internal side similar to how they do with DNS recursive server signalling by default except when configured not to. If a node can’t attach to an IPv6-only network and use the transition mechanism offered without applications have to know anything about it then it is deficient. DNS servers are an application in this context. The IETF should be trying to winnow down the number of transition mechanisms that vendors need to support. Less is actually more here and unfortunately we have not done a good job of pushing back on excessive choice. Mark > On Fri, Oct 7, 2022 at 2:47 PM Mark Andrews <marka@isc.org> wrote: > While we (ISC) have been working on this for years <https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/2166>, this is yet another example of why DNS64 should be made historic. This > is requesting even more support to work around problems introduced by DN64, a poorly thought out, supposedly short term hack. > > It is NOT needed with 464XLAT, DS-Lite and other transition technologies where the IP stack maps > from IPv4 to IPv6 or the CPE maps from IPv4 to IPv6. > > Additionally this is an indication the BCP91 is now out of date. Best current practice has been > to operate dual stack servers for many years now. > > Mark > > > On 7 Oct 2022, at 16:12, Momoka Yamamoto <momoka.my6@gmail.com> wrote: > > > > Hello, > > > > I have submitted an informational draft that describes resolvers performing IPv4 to IPv6 translation to send queries to IPv4-only authoritative servers. > > We thought it would be beneficial to document that we can operate a resolver with only an IPv6 address if we utilize the NAT64. > > Despite that it is stated in BCP91 [RFC3901], "every recursive name server SHOULD be either IPv4-only or dual stack." > > > > Since this is more related to IPv6/IPv4 translation I have submitted the draft to the v6ops wg, > > but because this is DNS related I would very much appreciate it if I could have comments from the dnsop list as well. > > > > Momoka. Y > > > > ---------- Forwarded message --------- > > From: <internet-drafts@ietf.org> > > Date: Thu, Oct 6, 2022 at 2:17 AM > > Subject: New Version Notification for draft-momoka-v6ops-ipv6-only-resolver-00.txt > > To: Momoka Yamamoto <momoka.my6@gmail.com>, Toyota Yasunobu <yasnyan@sfc.wide.ad.jp> > > > > > > > > A new version of I-D, draft-momoka-v6ops-ipv6-only-resolver-00.txt > > has been successfully submitted by Momoka Yamamoto and posted to the > > IETF repository. > > > > Name: draft-momoka-v6ops-ipv6-only-resolver > > Revision: 00 > > Title: IPv6 only iterative resolver utilising NAT64 > > Document date: 2022-10-05 > > Group: Individual Submission > > Pages: 9 > > URL: https://www.ietf.org/archive/id/draft-momoka-v6ops-ipv6-only-resolver-00.txt > > Status: https://datatracker.ietf.org/doc/draft-momoka-v6ops-ipv6-only-resolver/ > > Html: https://www.ietf.org/archive/id/draft-momoka-v6ops-ipv6-only-resolver-00.html > > Htmlized: https://datatracker.ietf.org/doc/html/draft-momoka-v6ops-ipv6-only-resolver > > > > > > Abstract: > > By performing IPv4 to IPv6 translation, IPv6-only iterative resolvers > > can operate in an IPv6-only environment. When a specific DNS zone is > > only served by an IPv4-only authoritative server, the iterative > > resolver will translate the IPv4 address to IPv6 to access the > > authoritative server's IPv4 address via NAT64. This mechanism allows > > IPv6-only iterative resolvers to initiate communications to IPv4-only > > authoritative servers. > > > > > > > > > > The IETF Secretariat > > > > > > _______________________________________________ > > DNSOP mailing list > > DNSOP@ietf.org > > https://www.ietf.org/mailman/listinfo/dnsop > > -- > Mark Andrews, ISC > 1 Seymour St., Dundas Valley, NSW 2117, Australia > PHONE: +61 2 9871 4742 INTERNET: marka@isc.org > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- Re: [BEHAVE] [DNSOP] New Version Notification for… Mark Andrews
- Re: [BEHAVE] [v6ops] New Version Notification for… Momoka Yamamoto
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Joe Abley
- Re: [BEHAVE] [v6ops] New Version Notification for… Mark Andrews
- Re: [BEHAVE] [v6ops] New Version Notification for… Keith Moore
- Re: [BEHAVE] [v6ops] New Version Notification for… Momoka Yamamoto
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Momoka Yamamoto
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Joe Abley
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Michael Richardson
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Geoff Huston
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Michael Richardson
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Geoff Huston
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Momoka Yamamoto
- Re: [BEHAVE] [DNSOP] [v6ops] New Version Notifica… Mark Andrews