Hi,
On Fri, Jul 07, 2023 at 01:19:38PM +0000, mohamed.boucad...@orange.com wrote:
> For your last point: problems may arise if a distinct pref64 is used by the
> upstream DNS64 than the one used locally. Unless I???m mistaken, we currently
> don???t have a solution to detect mismatches between what is used by a local
> NAT64 and an upstream DNS64 let alone whether an upstream resolver is also
> performing DNS64. I used to have a proposal for this:
> https://datatracker.ietf.org/doc/html/draft-boucadair-dnsop-prefix64-02
I would assume that it just does not matter if there are two NAT64 boxes
available, with different prefixes. Depending on which prefix you use
for the IPv6 synthesis, your packets will use one or the other to be
translated - which is actually one of the brilliant aspects of NAT64,
that it does not need to be in the "non NAT" packet flow.
Same for "having two DNS64 in sequence" - while unusual, it will still
work. The first DNS64 to see the IPv4-only reply will do synthesisis,
the second DNS64 will see an IPv6 answer, and won't have to do anything
except "forward". If they agree on the NAT64 prefix, packets will use
the same NAT64 gateway in any case, if not, see above.
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
