Re: [v6ops] NAT64/DNS64 and DNSSEC

"Heatley, Nick" <nick.heatley@ee.co.uk> Fri, 24 July 2015 16:58 UTC

Return-Path: <nick.heatley@ee.co.uk>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3906B1A0004 for <v6ops@ietfa.amsl.com>; Fri, 24 Jul 2015 09:58:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.536
X-Spam-Level:
X-Spam-Status: No, score=-3.536 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eldye7gMwBsY for <v6ops@ietfa.amsl.com>; Fri, 24 Jul 2015 09:58:17 -0700 (PDT)
Received: from mail1.bemta14.messagelabs.com (mail1.bemta14.messagelabs.com [193.109.254.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F081D1A0006 for <v6ops@ietf.org>; Fri, 24 Jul 2015 09:58:16 -0700 (PDT)
Received: from [194.106.220.35] by server-9.bemta-14.messagelabs.com id 41/BB-03371-7AE62B55; Fri, 24 Jul 2015 16:58:15 +0000
X-Env-Sender: nick.heatley@ee.co.uk
X-Msg-Ref: server-14.tower-91.messagelabs.com!1437757094!23913354!1
X-Originating-IP: [149.254.241.76]
X-StarScan-Received:
X-StarScan-Version: 6.13.16; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 22832 invoked from network); 24 Jul 2015 16:58:14 -0000
Received: from unknown (HELO smtpml01.ee.co.uk) (149.254.241.76) by server-14.tower-91.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 24 Jul 2015 16:58:14 -0000
Received: from EEUKWV0940.EEAD.EEINT.CO.UK (Not Verified[10.246.209.217]) by smtpml01.ee.co.uk with MailMarshal (v7, 2, 3, 6978) id <B55b26e980000>; Fri, 24 Jul 2015 17:58:00 +0100
Received: from UK31S005EXS02.EEAD.EEINT.CO.UK (Not Verified[10.246.208.27]) by EEUKWV0940.EEAD.EEINT.CO.UK with MailMarshal (v7, 2, 3, 6978) id <B55b26ea60000>; Fri, 24 Jul 2015 17:58:14 +0100
Received: from UK30S005EXS06.EEAD.EEINT.CO.UK ([fe80::314c:b96c:4a9a:8a79]) by UK31S005EXS02.EEAD.EEINT.CO.UK ([2002:62c:2a56::62c:2a56]) with mapi id 14.03.0195.001; Fri, 24 Jul 2015 17:58:13 +0100
From: "Heatley, Nick" <nick.heatley@ee.co.uk>
To: Erik Kline <ek@google.com>, Philip Homburg <pch-v6ops-3@u-1.phicoh.com>
Thread-Topic: [v6ops] NAT64/DNS64 and DNSSEC
Thread-Index: AQHQxRedzQPAv9hMVUOUvlQI6TNowp3om02AgAAvFICAADpFAIAAAbcAgAFEWaGAABO0gIAAeUyw
Date: Fri, 24 Jul 2015 16:58:12 +0000
Message-ID: <6536E263028723489CCD5B6821D4B21303EEBEC2@UK30S005EXS06.EEAD.EEINT.CO.UK>
References: <alpine.DEB.2.02.1507230910190.11810@uplift.swm.pp.se> <55B09AE5.4040609@gmail.com> <2BBE839B-37FB-4EA2-982E-58028E7A13B6@nominum.com> <55B0F344.4090005@gmail.com> <ED7E283A-0430-4D4E-87A6-ED9FD8DFC6F4@nominum.com> <m1ZIYIw-0000EuC@stereo.hq.phicoh.net> <CAAedzxrWExsiyh4hhsfJTufuRVM_67f2tGWkHCLc9kiduTU0hg@mail.gmail.com>
In-Reply-To: <CAAedzxrWExsiyh4hhsfJTufuRVM_67f2tGWkHCLc9kiduTU0hg@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.246.208.5]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/i7dgynnO4voB5p_sUa5OPmAAKNY>
Cc: "v6ops@ietf.org" <v6ops@ietf.org>
Subject: Re: [v6ops] NAT64/DNS64 and DNSSEC
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jul 2015 16:58:19 -0000

+1

A client that can't synthesize internally, MAY need DNS64 from the network.
So can we frame the problem as: lack of internal synthesis is incompat with DNSSEC?


-----Original Message-----
From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Erik Kline
Sent: 24 July 2015 11:37
To: Philip Homburg
Cc: v6ops@ietf.org
Subject: Re: [v6ops] NAT64/DNS64 and DNSSEC

> I guess this is easy enough to add to for example getdns 
> (https://getdnsapi.net/). One question is how an application would 
> find out that it is running in a DNS64 environment. Another option is 
> for getdns to do the probing and enable this option automatically.

One approach comes to ming: when a client resolver starts up, it checks ipv4only.arpa (https://tools.ietf.org/html/rfc7050#section-8.2), and after that can synthesize AAAAs as needed (DNS64 in done in the client) while getting validated answers for other things as desired.

_______________________________________________
v6ops mailing list
v6ops@ietf.org
https://www.ietf.org/mailman/listinfo/v6ops
NOTICE AND DISCLAIMER
This e-mail (including any attachments) is intended for the above-named person(s).  If you are not the intended recipient, notify the sender immediately, delete this email from your system and do not disclose or use for any purpose.  
 
We may monitor all incoming and outgoing emails in line with current legislation. We have taken steps to ensure that this email and attachments are free from any virus, but it remains your responsibility to ensure that viruses do not adversely affect you. 

EE Limited
Registered in England and Wales
Company Registered Number: 02382161
Registered Office Address: Trident Place, Mosquito Way, Hatfield, Hertfordshire, AL10 9BW.