[DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 (RFC6147) to Internet Standard
Ted Lemon <mellon@fugue.com> Tue, 14 April 2026 18:40 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: dnsop@mail2.ietf.org
Delivered-To: dnsop@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id F2508DC32AA9; Tue, 14 Apr 2026 11:40:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1776192015; bh=vuaPvfqJnpgH7ayDYNwWOy85zeVn38qxrXIsVKJ+6CE=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=ndWplu8bqA0wvH7IoyXFSDgGridMCt4CcSNyTId23cwhJqaxyRt8k5A4Lh/c3DZqc pDfYZAGTNvvRiFRqtORB2diURq3ARs4qUBfUf4dWmSKN0OqL2pDPg9OJ8/n2b+0LAA gih2FWuRdrOe2J3J1E4YwynGWBKzaWbPfEMgsbmw=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.798
X-Spam-Level:
X-Spam-Status: No, score=-2.798 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=fugue.com header.b="EWsvQaiX"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="nWoS8gNL"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ligmXEetb2-N; Tue, 14 Apr 2026 11:40:15 -0700 (PDT)
Received: from fout-b4-smtp.messagingengine.com (fout-b4-smtp.messagingengine.com [202.12.124.147]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 9F677DC31AC6; Tue, 14 Apr 2026 11:32:14 -0700 (PDT)
Received: from phl-compute-02.internal (phl-compute-02.internal [10.202.2.42]) by mailfout.stl.internal (Postfix) with ESMTP id 6AF161D0005F; Tue, 14 Apr 2026 14:32:08 -0400 (EDT)
Received: from phl-frontend-03 ([10.202.2.162]) by phl-compute-02.internal (MEProxy); Tue, 14 Apr 2026 14:32:08 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue.com; h=cc :cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1776191528; x=1776277928; bh=XludBKXaHWYTDOKwgXgw18U06yo2Zwm9y5Rx8EcogWE=; b= EWsvQaiXV7RMYz6hKprve4gH7LGRKFqyansrTAlx0jD/H/XowN39d9QXQdeOHDFn ZH8xT3MBVX4Irap+MdkJcHd9EElYq8FezyVxINXa7ImxakKhXH3qXFZyrE12WL2t 2nSGh5+fKp+CThYUEbV3MTbHXlnaiCAiCd9jP9h/VktZlCDtvCunpWKh6MNQsre4 vWiNvfHe69Iqbl08SSu5Z7YzkPT6vHcr2uW2jR0aUZy9E9DN/brDiH5dvhp6zid6 cqZKOPsxOm9qxC1rJieIhvVu0ihtlPX8MSokr0CBMhiWChyvUlsQMDAdXLXTdtKD vkj/vfs1ufFligzU18/1zg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1776191528; x= 1776277928; bh=XludBKXaHWYTDOKwgXgw18U06yo2Zwm9y5Rx8EcogWE=; b=n WoS8gNLtni/rhAEBTdhUnaskQQ6zB8Zt95UQw0ICZFptcV7Hq9Lj7A5PSPAlXSZk n8HOFfSL8ijh1wz4zR27gheWz+PEVFxHqddHjgFAmviW1YN7VY5mAjuIpnFcRK9l SNY3WLdTX1qlR9ISlczvra2IBooh4bVi5Wi1xD964ySjyuZUeEv9qhz9a7LhvB6c PnzDJmpAbp6lcgJhzMs9010vlEFDuxHMRxGyOg8tZKFUwSIsrNaqpnhTp/lhGESC R1DfZnO+33nQ3KY7A4uNRLM5GUMTyQSeUO2UkcmlaWmV+NiG2qFexXOUKAEVu6rN VnR689v/16GtSaNLlbFRg==
X-ME-Sender: <xms:J4jeaYv2lTTWDJUe6Z7CxrHtdzQq-1jNkYLHHOESJztN64xY7Qml-g> <xme:J4jeaTTpnsofEDNFdo86k6WoP-JieHUPOb9ZtreSYh4H51mYtu4LdDR7cgPcQH5TQ w1OTegc43qi3lQHB3SsrrsTDtcY-ixEDwx341XLTwld-yB67jx1Pik>
X-ME-Received: <xmr:J4jeaeM4X8zGSplKxnMr2r5b3zGaCscdMjHU3TmQS8UrBqeYID88MUVwzMuZNkU1IodK5lZFmMNn-1MeN4VWzFrMTuJx_-PtjAanCQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefhedrtddtgdegudekkecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecunecujfgurheptggguffhjgffvefgkfhfvffosehtqhhmtd hhtddvnecuhfhrohhmpefvvgguucfnvghmohhnuceomhgvlhhlohhnsehfuhhguhgvrdgt ohhmqeenucggtffrrghtthgvrhhnpeduhfeiuefgtdetleevteeivedujeehgfeiieelue ejieegiedvgfetvefhheeuteenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhep mhgrihhlfhhrohhmpehmvghllhhonhesfhhughhuvgdrtghomhdpnhgspghrtghpthhtoh epgedpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepphgthhdqughnshhophdqjees uhdquddrphhhihgtohhhrdgtohhmpdhrtghpthhtohepughnshhophesihgvthhfrdhorh hgpdhrtghpthhtohepjhhorhguihdrphgrlhgvthepgedttghonhhsuhhlihhnthgvlhdr vghssegumhgrrhgtrdhivghtfhdrohhrghdprhgtphhtthhopehviehophhssehivghtfh drohhrgh
X-ME-Proxy: <xmx:J4jeaYZ4gSv9rWOHRVMs9TKxx0_2yLf6VUXX26agSMA5wgo-3YRUgw> <xmx:J4jeaYzI2688wETGdkwsvRdHzc7eeZYpdIEjNTsWlncL8PxIac0DPw> <xmx:J4jeaTIS_7rPyr0mPoAUOhrAHXOUR-6fC34kkV_yeJfomXSDkFE6VA> <xmx:J4jeaSo-Ho6gG1CcvTdqXsdzGgYO8rXc8c1h7WieduDOIU4UOJPvtg> <xmx:KIjeaWq0ZIauOhcK6dA4jmGf9qLkn08YIulVjfIkWOHD8DTjWdXIyW0n>
Feedback-ID: i1136489e:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 14 Apr 2026 14:32:06 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3884.100.10\))
From: Ted Lemon <mellon@fugue.com>
In-Reply-To: <m1wCi0t-0000Q7C@stereo.hq.phicoh.net>
Date: Tue, 14 Apr 2026 20:31:55 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <BEC52137-2556-45A7-9859-695086C1E9D7@fugue.com>
References: <m1wAunU-0000NEC@stereo.hq.phicoh.net> <2338256.t9SDvczpPo@localhost> <038ae9d1-34fc-4085-aa6d-76ef79287857@gmail.com> <PARP264MB6760A67BB8F2060962E8A64088592@PARP264MB6760.FRAP264.PROD.OUTLOOK.COM> <B93DB6C8-2974-4915-93DE-DFCB6B858AFA@consulintel.es> <m1wB6jW-0000VYC@stereo.hq.phicoh.net> <25022.1775841874@obiwan.sandelman.ca> <m1wBGFD-0000PhC@stereo.hq.phicoh.net> <5539.1775850116@obiwan.sandelman.ca> <m1wCHUo-0000QZC@stereo.hq.phicoh.net> <5A969A5C-EE2A-4581-AAC3-20A1423D0D43@consulintel.es> <m1wCi0t-0000Q7C@stereo.hq.phicoh.net>
To: Philip Homburg <pch-dnsop-7@u-1.phicoh.com>
X-Mailer: Apple Mail (2.3884.100.10)
Message-ID-Hash: FXDQHO5N4BLTOY6Z3OZY4HUP2PMC5UHY
X-Message-ID-Hash: FXDQHO5N4BLTOY6Z3OZY4HUP2PMC5UHY
X-MailFrom: mellon@fugue.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: dnsop@ietf.org, "jordi.palet@consulintel.es" <jordi.palet=40consulintel.es@dmarc.ietf.org>, IPv6 Operations <v6ops@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 (RFC6147) to Internet Standard
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/8l4BbysE5iMxRIJ-75BKyLkfHN8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
I think it's also worth asking whether the devices that care about DNSSEC or DOH are the devices that don't do local synthesis. E.g. I'm pretty sure Apple devices will do local synthesis. I get the sense that Google devices will as well. Not sure about Windows, maybe Jen Linkova knows? Also not sure about Linux, probably varies. Of course, if e.g. your browser is doing DoH, it may not bother with DNSSEC anyway, even if your local resolver does do DNSSEC. But it had better do local synthesis, or it's not going to work in a v6only NAT64 environment regardless of whether or not DNS64 is present. But my point is, your printer that's downloading firmware probably isn't doing DNSSEC validation, although it should, and it's probably not using DoH to bypass the local resolver either. > On 14 Apr 2026, at 19:57, Philip Homburg <pch-dnsop-7@u-1.phicoh.com> wrote: > >> I will like to see that long list of things that dont work with >> DNS64 in the real world. > > I don't have a complete list, but here is a start. Let's assume a host > that relies on DNS64 to obtain IPv4 connectivity. What doesn't work in > that case: > 1) An IPv4 literal > 2) Any kind of local DNSSEC validation, either in the stub resolver or in > a local DNS forwarder. > 3) Any resolver configuration that by-passes the local (DNS64) resolver > such as an (optionally DoH, DoT) connection to a public resolver. > 4) Any kind of code that implement STUN for IPv4 but not for > IPv6. > 5) As far as I can tell, any kind of code that tries STUN on an IPv6 address > that was mapped by the DNS64 resolver. > > A few corners cases: > 6) A DNS recursive resolver > 7) DNS code that tries to disable EDNS Client Subnet > > I think there are more protocols that somehow encode whether IPv4 or IPv6 > is used, but this is just from the top of my head. > > _______________________________________________ > v6ops mailing list -- v6ops@ietf.org > To unsubscribe send an email to v6ops-leave@ietf.org
- [DNSOP] Moving DNS64 (RFC6147) to Internet Standa… mohamed.boucadair
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Scott Morizot
- [DNSOP] Re: Moving DNS64 (RFC6147) to Internet St… Philip Homburg
- [DNSOP] Re: Moving DNS64 (RFC6147) to Internet St… Paul Vixie
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Brian E Carpenter
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… mohamed.boucadair
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Chenhao Ma
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Ole Trøan
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Michael Richardson
- [DNSOP] Re: [Ext] Re: [v6ops] Re: Re: Re: Moving … Paul Hoffman
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … Nick Buraglio
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Dan Wing
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Philip Homburg
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Ole Trøan
- [DNSOP] Re: [Ext] Re: [v6ops] Re: Re: Re: Moving … Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] [Ext] Re: Re: Re: Re: Moving … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… mohamed.boucadair
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Gert Doering
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Tim Chown
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … Brian E Carpenter
- [DNSOP] Re: [Ext] Re: [v6ops] Re: Re: Re: Moving … Warren Kumari
- [DNSOP] Re: [Ext] Re: [v6ops] Re: Re: Re: Moving … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … Ted Lemon
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DN… Mark Andrews
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DN… Mark Andrews
- [DNSOP] Re: [v6ops] Re: [Ext] Re: Re: Re: Re: Mov… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DN… Brian E Carpenter
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Michael Richardson
- [DNSOP] Re: [v6ops] Re: [Ext] Re: Re: Re: Re: Mov… Brian E Carpenter
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … marka
- [DNSOP] (Concluded) RE: Moving DNS64 (RFC6147) to… mohamed.boucadair
- [DNSOP] Re: (Concluded) RE: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DN… Philip Homburg
- [DNSOP] Re: (Concluded) RE: Moving DNS64 (RFC6147… Philipp Tiesel
- [DNSOP] Re: (Concluded) RE: Moving DNS64 (RFC6147… jordi.palet@consulintel.es