behave Working Group Z. Cao Internet-Draft H. Deng Intended status: Informational China Mobile Expires: August 16, 2010 February 12, 2010 Dual Stack Hosts with DNS64 draft-cao-behave-dsdns64-00 Abstract If a dual stack host is configured with a DNS64 server, the packet will be routed through the NAT64 translator instead of the plain IPv4 router or NAT44. This document suggest the DNS64 should handle type A DNS request normally to avoid packets being detoured to NAT64. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on August 16, 2010. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents Cao & Deng Expires August 16, 2010 [Page 1] Internet-Draft Dual Stack DNS64 February 2010 carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Workaround . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Security Considerations . . . . . . . . . . . . . . . . . . . . 5 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 5. Normative References . . . . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8 Cao & Deng Expires August 16, 2010 [Page 2] Internet-Draft Dual Stack DNS64 February 2010 1. Introduction If a dual stack host is configured with a DNS64 server [DNS64], the packet will be routed through the NAT64 translator instead of the plain IPv4 router or NAT44. This document suggest the DNS64 should handle type A DNS request properly to avoid packets being detoured to NAT64. Draft [DNS64-Config] introduces serveral solutions to this problem. Specifically, the host destination address selection policy table is modified in order to give the synthesis AAAA record from the DNS64 a lower precedence than native IPv4 address. So the destination address selection algorithm will prefer the IPv4 address and communication will be IPv4 oriented. The problem is that DNS64 is only specific for AAAA request, and does not specify whether and how to handle A query. So in the above solution, DNS64 will return presumably only AAAA record. Even if the host policy table is modified, host won't be able to select the IPv4 address. Cao & Deng Expires August 16, 2010 [Page 3] Internet-Draft Dual Stack DNS64 February 2010 2. Workaround A simple workaround way to this problem is introduced in this section. We suggest the DNS64 should handle A request normally. So dual stack host will be able to receive both A and AAAA response from DNS64, and then destination address selection policy will take effect and host will select IPv4 address for communication. +-----------+ A & AAAA Query +----------+ | Dualstack |-------------------------------> | DNS64 | | Host |<------------------------------- | | +-----------+ A & AAAA Response +----------+ Figure 1: Dual stack host will DNS64 Cao & Deng Expires August 16, 2010 [Page 4] Internet-Draft Dual Stack DNS64 February 2010 3. Security Considerations TBD. Cao & Deng Expires August 16, 2010 [Page 5] Internet-Draft Dual Stack DNS64 February 2010 4. IANA Considerations This document does not require any IANA actions. Cao & Deng Expires August 16, 2010 [Page 6] Internet-Draft Dual Stack DNS64 February 2010 5. Normative References [DNS64] Bagnulo, M., "DNS64: DNS extensions for Network Address Translation from IPv6 Clients to IPv4 Servers", December 2009, . [DNS64-Config] Wing, D., "DNS64 Resolvers and Dual-Stack Hosts", Oct 2009, . Cao & Deng Expires August 16, 2010 [Page 7] Internet-Draft Dual Stack DNS64 February 2010 Authors' Addresses Zhen Cao China Mobile Unit2, 28 Xuanwumenxi Ave,Xuanwu District Beijing 100053 China Email: zehn.cao@gmail.com Hui Deng China Mobile Unit2, 28 Xuanwumenxi Ave,Xuanwu District Beijing 100053 China Email: denghui@chinamobile.com Cao & Deng Expires August 16, 2010 [Page 8]