nanog mailing list archives
Re: quietly....
From: Mark Andrews <marka () isc org>
Date: Sat, 05 Feb 2011 09:44:00 +1100
In message <FE7943DF-6A3A-478F-AF40-DE4D3592FB1D () puck nether net>, Jared Mauch writes:
On Feb 4, 2011, at 4:32 PM, Mark Andrews wrote:=20 In message <201102041140.42719.lowen () pari edu>, Lamar Owen writes:On Friday, February 04, 2011 09:05:09 am Derek J. Balling wrote:I think they'll eventually notice a difference. How will an =IPv4-only internal host know what to do with an IPv6 AAAA record it gets from a DNS =lookup?=20 If the CPE is doing DNS proxy (most do) then it can map the AAAA =record to anA record it passes to the internal client, with an internal address =for the=20record chosen from RFC1918 space, and perform IPv4-IPv6 1:1 NAT from =the assigned RFC1918 address to the external IPv6 address from the AAAA =record (sinceyou have at least a /64 at your CPE, you can even use the RFC1918 =address inthe lower 32 bits.... :-P). =20 =20 This may already be a standard, or a draft, or implemented somewhere; =I don'tknow. But that is how I would do it, just thinking off the top of my =head.=20=20 DS-lite delivers a IPv4 softwire over a IPv6 upstream. It also introduces less problems than NAT64 as it works with DNSSEC and with IPv4 literal. Along with DS-lite there is a UPNP replacement designed to work with distributed NATs (DS-Lite (AFTR+B4) and NAT444 (LSN + CPE NAT)) so that holes can be punched threw multiple devices if needed.I've yet to see a version of ALG that isn't buggy (eg: Cisco SIP-ALG, = 2Wire/ATT uverse sip-alg is seriously broken, same for either dlink or = netgear... we have to turn it off otherwise it does bad things).
And you reported the bugs.
I'm sure that LSN activity is going to work "great" for the carriers.
Yes it is a worry which is why we want people to move to IPv6 and not use NAT. Less things to go wrong. A firewall only has to react to the traffic not re-write it. One lesa thing to go wrong.
- jared=
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka () isc org
Current thread:
- Re: quietly...., (continued)
- Re: quietly.... Mark Andrews (Feb 03)
- Re: quietly.... Roland Perry (Feb 03)
- Re: quietly.... Mark Andrews (Feb 03)
- Re: quietly.... Roland Perry (Feb 04)
- Re: quietly.... Derek J. Balling (Feb 04)
- Re: quietly.... Roland Perry (Feb 04)
- Re: quietly.... Lamar Owen (Feb 04)
- Re: quietly.... Derek J. Balling (Feb 04)
- Re: quietly.... Mark Andrews (Feb 04)
- Re: quietly.... Jared Mauch (Feb 04)
- Re: quietly.... Mark Andrews (Feb 04)
- Re: quietly.... Mark Andrews (Feb 04)
- Re: quietly.... Mark Andrews (Feb 02)
- Re: quietly.... Jack Bates (Feb 01)
- Re: quietly.... Karl Auer (Feb 01)
- Re: quietly.... Owen DeLong (Feb 01)
- Re: quietly.... Chris Adams (Feb 01)
- Re: quietly.... Owen DeLong (Feb 01)
- Re: quietly.... Dave Israel (Feb 01)
- Re: quietly.... Jack Bates (Feb 01)
- Re: quietly.... Owen DeLong (Feb 02)