Re: [v6ops] NAT64/DNS64 and DNSSEC

Czerwonka Michał 1 - Hurt <Michal.Czerwonka1@orange.com> Wed, 29 July 2015 14:11 UTC

Return-Path: <Michal.Czerwonka1@orange.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 341751A1B98 for <v6ops@ietfa.amsl.com>; Wed, 29 Jul 2015 07:11:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.636
X-Spam-Level: *
X-Spam-Status: No, score=1.636 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HELO_EQ_PL=1.135, HOST_EQ_PL=1.95, HTML_MESSAGE=0.001, J_CHICKENPOX_14=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GT0C8domufWT for <v6ops@ietfa.amsl.com>; Wed, 29 Jul 2015 07:11:14 -0700 (PDT)
Received: from mailin.tpsa.pl (mailout.tpsa.pl [212.160.172.10]) (using TLSv1 with cipher DES-CBC3-SHA (112/168 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11E0C1A1B5E for <v6ops@ietf.org>; Wed, 29 Jul 2015 07:11:13 -0700 (PDT)
Received: from 10.236.62.137 (EHLO OPE10HT03.tp.gk.corp.tepenet) ([10.236.62.137]) by mailin.tpsa.pl (MOS 4.4.2a-FCS FastPath queued) with ESMTP id EHB24063; Wed, 29 Jul 2015 16:11:08 +0200 (CEST)
From: =?utf-8?B?Q3plcndvbmthIE1pY2hhxYIgMSAtIEh1cnQ=?= <Michal.Czerwonka1@orange.com>
To: Ted Lemon <ted.lemon@nominum.com>, Philip Homburg <pch-v6ops-3@u-1.phicoh.com>
Thread-Topic: [v6ops] NAT64/DNS64 and DNSSEC
Thread-Index: AQHQxRebhanHpTIC20amYveYP8eqwZ3xqZuAgACAPISAADibgIAAI9cQ
Date: Wed, 29 Jul 2015 14:10:39 +0000
Message-ID: <2D29C51862222E49B991EF64EEB0B5B745FC37D9@OPE10MB05.tp.gk.corp.tepenet>
References: <alpine.DEB.2.02.1507230910190.11810@uplift.swm.pp.se> <4797B33E-9851-427E-8710-84122AFD0FFA@cisco.com> <m1ZKMsw-0000CCC@stereo.hq.phicoh.net> <DAF1C040-9792-4846-B139-56EC94EC2076@nominum.com>
In-Reply-To: <DAF1C040-9792-4846-B139-56EC94EC2076@nominum.com>
Accept-Language: pl-PL, en-US
Content-Language: pl-PL
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [126.13.107.45]
Content-Type: multipart/alternative; boundary="_000_2D29C51862222E49B991EF64EEB0B5B745FC37D9OPE10MB05tpgkco_"
MIME-Version: 1.0
X-Junkmail-Premium-Raw: score=8/50, refid=2.7.2:2015.7.29.131818:17:8.129, ip=, rules=__HAS_FROM, FROM_NAME_PHRASE, __TO_MALFORMED_2, __BOUNCE_CHALLENGE_SUBJ, __BOUNCE_NDR_SUBJ_EXEMPT, __SUBJ_ALPHA_END, __IMS_MSGID, __HAS_MSGID, __SANE_MSGID, __REFERENCES, __IN_REP_TO, WEBMAIL_XOIP, __HAS_XOIP, __CT, __CTYPE_MULTIPART_ALT, __CTYPE_HAS_BOUNDARY, __CTYPE_MULTIPART, __MIME_VERSION, WEBMAIL_X_IP_HDR, __ANY_URI, __URI_NO_WWW, __URI_NO_PATH, __SUBJ_ALPHA_NEGATE, SUPERLONG_LINE, __URI_IN_BODY, __MULTIPLE_URI_IN_BODY, __HTML_FONT_BLUE, __HAS_HTML, BODYTEXTP_SIZE_3000_LESS, BODYTEXTH_SIZE_10000_LESS, __MIME_HTML, __TAG_EXISTS_HTML, __STYLE_RATWARE_NEG, __URI_NS, HTML_70_90, WEBMAIL_SOURCE, REFERENCES, NO_URI_HTTPS
X-Junkmail-Status: score=10/50, host=mailin.tpsa.pl
X-Junkmail-Signature-Raw: score=unknown, refid=str=0001.0A0C0204.55B8DEFC.0293, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2012-12-31 09:39:00, dmn=2013-03-21 17:37:32, mode=multiengine
X-Junkmail-IWF: false
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A0C0204.55B8DEFC.0293, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2012-12-31 09:39:00, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: d6734786eeedf6031ca1d577d0998c30
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/eSsWHCbWQij8yBqVdIThJEdFccQ>
Cc: "v6ops@ietf.org" <v6ops@ietf.org>
Subject: Re: [v6ops] NAT64/DNS64 and DNSSEC
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jul 2015 14:11:16 -0000

NAT64 is cool, but DNS64 not.



From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Ted Lemon
Sent: Wednesday, July 29, 2015 4:02 PM
To: Philip Homburg
Cc: v6ops@ietf.org
Subject: Re: [v6ops] NAT64/DNS64 and DNSSEC

On Jul 29, 2015, at 4:38 AM, Philip Homburg <pch-v6ops-3@u-1.phicoh.com<mailto:pch-v6ops-3@u-1.phicoh.com>> wrote:
I don't like it either. But there seems to be a vocal group of operators who
like it. Not a lot of opposition and now Apple seems to like it as well.

I don’t really know what all the hate is for NAT64.   It does a great job of letting me run a v6only network whilst still communicating with v4 services on the Internet.  Maybe it’s not everybody’s cup of tea, but it’s a pretty nice solution, and I agree that making it work with DNSSEC ought to be a priority.