DS-Lite & DNS
2012-07-05 11:52:20 GMT
I'm reading in RFC 6333:
5.5. DNSA B4 element is only configured from the service provider with IPv6. As such, it can only learn the address of a DNS recursive server through DHCPv6 (or other similar method over IPv6). As DHCPv6 only defines an option to get the IPv6 address of such a DNS recursive server, the B4 element cannot easily discover the IPv4 address of such a recursive DNS server, and as such will have to perform all DNS resolution over IPv6. The B4 element can pass this IPv6 address to downstream IPv6 nodes, but not to downstream IPv4 nodes. As such, the B4 element SHOULD implement a DNS proxy, following the recommendations of [RFC5625].
6.4. DNSAs noted previously, a DS-Lite node implementing a B4 element will perform DNS resolution over IPv6. As a result, DNS packets are not expected to go through the AFTR element.
What would be the expected behavior if i configure manually an IPv4 DNS server to a host attached to the CPE?
According to RFC5625:
Except when required to enforce an active security or network policy (such as maintaining a pre-authentication "walled garden"), end-users SHOULD be able to send their DNS queries to specified upstream resolvers, thereby bypassing the proxy altogether. In this case, the gateway SHOULD NOT modify the DNS request or response packets in any way.
Does this mean that the 6.4 statement "DNS packets are not expected to go through the AFTR element." is not always valid?
Also, can draft-ietf-dhc-dhcpv4-over-ipv6 be considered an alternative option for passing IPv4 info to clients over IPv6 in DS-Lite networks?
_______________________________________________ v6ops mailing list v6ops@... https://www.ietf.org/mailman/listinfo/v6ops