[DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DNS64 (RFC6147) to Internet Standard
Philip Homburg <pch-dnsop-7@u-1.phicoh.com> Wed, 15 April 2026 10:17 UTC
Return-Path: <pch-b55F8B228@u-1.phicoh.com>
X-Original-To: dnsop@mail2.ietf.org
Delivered-To: dnsop@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 4E8EBDCA7982; Wed, 15 Apr 2026 03:17:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1776248276; bh=iqCP0SUve4j921nTtDYJyA5SL8d0COnjUPkeC9IZt38=; h=To:Cc:Subject:From:References:In-reply-to:Date; b=S38ps1aOp/Vqho3dYLf8KDj/hgvlrTKBAGohN93AorrTRyjnD0PwDy5cl5z4l3pj/ x5Rb1ThxfKjkQ/qv/VcnSdqzITM1qhImo43XbNW0R5l+MDFiS/UGsWmEMsBUirVwYm XtA9cnsEbA/zViHKYPvdhKB4JOmnG7NrbJkzNjis=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0yM356gyGxHU; Wed, 15 Apr 2026 03:17:56 -0700 (PDT)
Received: from stereo.hq.phicoh.net (stereo.hq.phicoh.net [45.83.6.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id C1986DCA797D; Wed, 15 Apr 2026 03:17:55 -0700 (PDT)
Received: from stereo.hq.phicoh.net (localhost [::ffff:127.0.0.1]) by stereo.hq.phicoh.net with esmtp (TLS version=TLSv1.2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305) (Smail #158) id m1wCxJh-0000OAC; Wed, 15 Apr 2026 12:17:53 +0200
Message-Id: <m1wCxJh-0000OAC@stereo.hq.phicoh.net>
To: dnsop@ietf.org
From: Philip Homburg <pch-dnsop-7@u-1.phicoh.com>
Sender: pch-b55F8B228@u-1.phicoh.com
References: <m1wAunU-0000NEC@stereo.hq.phicoh.net> <2338256.t9SDvczpPo@localhost> <038ae9d1-34fc-4085-aa6d-76ef79287857@gmail.com> <PARP264MB6760A67BB8F2060962E8A64088592@PARP264MB6760.FRAP264.PROD.OUTLOOK.COM> <B93DB6C8-2974-4915-93DE-DFCB6B858AFA@consulintel.es> <m1wB6jW-0000VYC@stereo.hq.phicoh.net> <25022.1775841874@obiwan.sandelman.ca> <m1wBGFD-0000PhC@stereo.hq.phicoh.net> <5539.1775850116@obiwan.sandelman.ca> <m1wCHUo-0000QZC@stereo.hq.phicoh.net> <5A969A5C-EE2A-4581-AAC3-20A1423D0D43@consulintel.es> <m1wCi0t-0000Q7C@stereo.hq.phicoh.net> <1D2A02B0-CA0A-4E51-AA62-72B20532893E@consulintel.es>
In-reply-to: Your message of "Wed, 15 Apr 2026 08:51:06 +0200 ." <1D2A02B0-CA0A-4E51-AA62-72B20532893E@consulintel.es>
Date: Wed, 15 Apr 2026 12:17:53 +0200
Message-ID-Hash: LYF7HKEQSKQF452SIMREG4O3P5SOLGOH
X-Message-ID-Hash: LYF7HKEQSKQF452SIMREG4O3P5SOLGOH
X-MailFrom: pch-b55F8B228@u-1.phicoh.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "jordi.palet@consulintel.es" <jordi.palet=40consulintel.es@dmarc.ietf.org>, IPv6 Operations <v6ops@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DNS64 (RFC6147) to Internet Standard
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/CxMvxpBw2KGRSakgwStjTlsj3e0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
> I don't have a complete list, but here is a start. Let's assume > a host that relies on DNS64 to obtain IPv4 connectivity. What > doesn't work in that case: 1) An IPv4 literal > > This is not a DNS64 issue, it is NAT64, that's why we invented > 464XLAT. > > 2) Any kind of local DNSSEC validation, either in the stub > resolver or in > a local DNS forwarder. > > This is incorrect if you properly configure the DNS64 server I think we are talking at cross purposes. I see DNS64 as part of a solution of providing an application with IPv4 access through NAT64. And I seen DNS64 failing at that. In case 1), we have 464XLAT because DNS64 doesn't work in that case. In case 2) DNS64 does not prevent DNSSEC validation. But at the same time it no longer assists the application with IPv4 access through NAT64. So by and large DNS64 fails at its fundamental purpose. And when we fix these issues, like you mentioned, using 464XLAT, then the need for DNS64 goes away. So in a very limited scope DNS64 may be of help. In my opinion, the confusion DNS64 creates by pretending that A records are AAAA records causes more harm than the limited benefit we get. This is simply not a protocol that should be Internet Standard.
- [DNSOP] Moving DNS64 (RFC6147) to Internet Standa… mohamed.boucadair
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Scott Morizot
- [DNSOP] Re: Moving DNS64 (RFC6147) to Internet St… Philip Homburg
- [DNSOP] Re: Moving DNS64 (RFC6147) to Internet St… Paul Vixie
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Brian E Carpenter
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… mohamed.boucadair
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Chenhao Ma
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Ole Trøan
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Michael Richardson
- [DNSOP] Re: [Ext] Re: [v6ops] Re: Re: Re: Moving … Paul Hoffman
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … Nick Buraglio
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Dan Wing
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Philip Homburg
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… Ole Trøan
- [DNSOP] Re: [Ext] Re: [v6ops] Re: Re: Re: Moving … Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] [Ext] Re: Re: Re: Re: Moving … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Moving DNS64 (RFC6147) to Int… mohamed.boucadair
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Gert Doering
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Tim Chown
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … Brian E Carpenter
- [DNSOP] Re: [Ext] Re: [v6ops] Re: Re: Re: Moving … Warren Kumari
- [DNSOP] Re: [Ext] Re: [v6ops] Re: Re: Re: Moving … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … Ted Lemon
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DN… Mark Andrews
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DN… Mark Andrews
- [DNSOP] Re: [v6ops] Re: [Ext] Re: Re: Re: Re: Mov… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DN… Brian E Carpenter
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Michael Richardson
- [DNSOP] Re: [v6ops] Re: Re: Moving DNS64 (RFC6147… Michael Richardson
- [DNSOP] Re: [v6ops] Re: [Ext] Re: Re: Re: Re: Mov… Brian E Carpenter
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Moving DNS64 (RFC… Philip Homburg
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … marka
- [DNSOP] (Concluded) RE: Moving DNS64 (RFC6147) to… mohamed.boucadair
- [DNSOP] Re: (Concluded) RE: Moving DNS64 (RFC6147… jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Moving DNS64 … jordi.palet@consulintel.es
- [DNSOP] Re: [v6ops] Re: Re: Re: Re: Re: Moving DN… Philip Homburg
- [DNSOP] Re: (Concluded) RE: Moving DNS64 (RFC6147… Philipp Tiesel
- [DNSOP] Re: (Concluded) RE: Moving DNS64 (RFC6147… jordi.palet@consulintel.es