[Hipsec-rg] HIT-to-IP mapping presentation follow-up
oleg.ponomarev at hiit.fi (Oleg Ponomarev) Wed, 01 April 2009 15:51 UTC
From: "oleg.ponomarev at hiit.fi"
Date: Wed, 01 Apr 2009 18:51:11 +0300
Subject: [Hipsec-rg] HIT-to-IP mapping presentation follow-up
In-Reply-To: <018901c9aeac$2c985b00$a80c6f0a@china.huawei.com>
References: <alpine.LFD.2.00.0903262218150.29600@stargazer.pc.infrahip.net> <018901c9aeac$2c985b00$a80c6f0a@china.huawei.com>
Message-ID: <alpine.LFD.2.00.0904011832070.29600@stargazer.pc.infrahip.net>
Hi! On Fri, 27 Mar 2009, Xuewei Wang wrote: Thank you for your question and for your patience. > As for a request for EXAMPLE.COM. AAAA , > DNS has the following RRs: > EXAMPLE.COM.?? HIP?? 2001...5678 > EXAMPLE.COM.?? A?????? 192.0.2.1 > 2001...5678????????? A?????? 192.0.2.1 > but the reply is? EXAMPLE.COM.?AAAA 2001....5678 ,?perhaps this is for > the leagcy application, however, ?how this RR produced? The DNS proxy queries HIP RR on behalf of the legacy application, and if it is found replies with HIT (2001:...:5678) in AAAA data to the application. >?the current DNS policy should reply A RR in additional section, or you > need to change DNS policy to make DNS reply HIP RR when requesting AAAA RR? The HIP DNS proxy gives only HIT's and LSI's in AAAA/A to the application, not the usual IP/IPv6 addresses, so the application would send its data over HIP. ? > And if the DNS have the following RR: > EXAMPLE.COM.?? HIP?? 2001...5678 > EXAMPLE.COM.?? AAAA???? 2001:DB8::1 > How would the reply? > Directly reply the EXAMPLE.COM.? AAAA 2001....5678? or? > EXAMPLE.COM.??AAAA??2001:DB8::1 ? The application gets "EXAMPLE.COM.? AAAA 2001....5678", but when it sends a packet to 2001....5678, it would be HIP-encapsulated and sent to 2001:DB8::1 -- Regards, Oleg.
- [Hipsec-rg] HIT-to-IP mapping presentation follow… Oleg Ponomarev
- [Hipsec-rg] HIT-to-IP mapping presentation follow… Oleg Ponomarev