Hi Wouter, I am just throwing another mail in support of integrating DNS64 patch into Unbound.
O. P.S.: I am writing this from NAT64 network we have setup at CZ.NIC. And I fully agree with Carsten that NAT64 actually help the transition and not hinder it. There are some apps that are still broken without legacy IP, but I am even considering to enable this as a default setup at my home. On Mon, Jun 30, 2014, at 15:20, Carsten Strotmann wrote: > Hello Wouter, > > W.C.A. Wijngaards writes: > > Is NAT64 considered this important? We would be happy to incorporate > > the patch if this is considered useful to many users. NAT64 for DNS > > does involve allowing others to inject new addresses in a new netblock > > for arbitrary names, and as such carries a little bit of security > > considerations. So, I would hesitate to enable this by default. But > > the option could certainly be useful, as we would like to help the > > IPv4 to IPv6 transition. What do other users think about this? > > I see DNS64/NAT64 as a tool to reduce complexity in the IPv4->IPv6 > transition phase by removing the need to run full dual stack in order to > reach legacy IPv4 resources in the Internet. > > With DNS64 networks can go IPv6 native and use DNS64/NAT64 to access old > IPv4 stuff. > > Deployments of DNS64 at larger conferences such as FOSDEM, RIPE and > Cisco Live have shown that the techology is mature and works for most > protocols. > > DNS64 should not be enabled by default in Unbound (it requires local > configuration anyway), but it should be either a configuration switch or > a compile-time option (I would vote for a configuration switch. If it is > a compile-time option, the distributions will enable it anyway). > > The DNS64 configuration options in BIND 9 work fine and could be a > template for Unbound. > > I would be happy to see DNS64 support in Unbound and would be willing to > test. > > -- > Carsten Strotmann > Email: [email protected] > Blog: strotmann.de > > _______________________________________________ > Unbound-users mailing list > [email protected] > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users -- Ondřej Surý <[email protected]> Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
