Internet DRAFT - draft-xli-behave-dns46-for-stateless

draft-xli-behave-dns46-for-stateless






Network Working Group                                             C. Bao
Internet-Draft                                                     X. Li
Intended status: Informational                    CERNET Center/Tsinghua
Expires: April 20, 2018                                       University
                                                                   Y. Ma
                                          Beijing University of Post and
                                                       Telecommunication
                                                        October 17, 2017


              DNS46 for the IPv4/IPv6 Stateless Translator
                draft-xli-behave-dns46-for-stateless-07

Abstract

   The stateless translator can support IPv6-initiated communications as
   well as IPv4-initiated communications for IPv6 hosts using IPv4-
   translatable addresses.  DNS support for the IPv6-initiated
   communication is defined in the DNS64 specification.  This document
   defines the DNS46 function for the stateless translator.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 20, 2018.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect



Bao, et al.              Expires April 20, 2018                 [Page 1]

Internet-Draft       DNS46 for Stateless Translator         October 2017


   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  Notational Conventions  . . . . . . . . . . . . . . . . . . . . 3
   3.  DNS46 for the IPv4/IPv6 Stateless Translator  . . . . . . . . . 3
     3.1.  Authoritative DNS server  . . . . . . . . . . . . . . . . . 3
       3.1.1.  Static AAAA record  . . . . . . . . . . . . . . . . . . 3
       3.1.2.  Varying AAAA record . . . . . . . . . . . . . . . . . . 4
     3.2.  DNS resolver  . . . . . . . . . . . . . . . . . . . . . . . 4
       3.2.1.  DNS resolver for scenario 6 . . . . . . . . . . . . . . 4
   4.  Security Considerations . . . . . . . . . . . . . . . . . . . . 4
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 4
   6.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 5
   7.  Normative References  . . . . . . . . . . . . . . . . . . . . . 5
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . . . 6






























Bao, et al.              Expires April 20, 2018                 [Page 2]

Internet-Draft       DNS46 for Stateless Translator         October 2017


1.  Introduction

   DNS mechanism is one of the functions model for the IPv4/IPv6
   transition [RFC6144].  DNS64 allows IPv6 hosts to resolve names of
   IPv4 hosts whereas DNS46 allows IPv4 hosts to resolve names of IPv6
   hosts.

   General DNS46 is considered harmful, as NAT-PT was deprecated by IETF
   [RFC4966].  However, stateless translators can support IPv6-initiated
   communications (scenario 1 and 3) which requires the DNS64 support
   [RFC6146] [RFC6145], as well as IPv4-initiated communications
   (scenario 2 and 4) which requires the DNS46 support [RFC6145].

   DNS64 is used for both stateful and stateless translators and it is
   defined in [RFC6147].  DNS46 is only used for the stateless
   translators and it is defines in this document.


2.  Notational Conventions

   The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
   SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
   document, are to be interpreted as described in [RFC2119].


3.  DNS46 for the IPv4/IPv6 Stateless Translator

   The DNS46 for stateless IPv4/IPv6 translation is for the following
   scenarios:

   o  Scenario 2: The IPv4 Internet to an IPv6 network.

   o  Scenario 6: An IPv4 network to an IPv6 network.

3.1.  Authoritative DNS server

   Since the destination is "an IPv6 network", DNS46 can be deployed as
   an authoritative DNS server [RFC1035] in an IPv6 network.

3.1.1.  Static AAAA record

   This is very similar to the authoritative DNS configuration of dual-
   stack hosts.  The only difference is that in the dual-stack case, the
   A record and AAAA record are independent, while in stateless
   translation case, the hosts are typically IPv6 single stack (or for
   some reason incapable of using IPv4 on a particular network) using
   IPv4-translatable addresses and the A record MUST be derived from the
   AAAA record based on the algorithm and the PREFIX information



Bao, et al.              Expires April 20, 2018                 [Page 3]

Internet-Draft       DNS46 for Stateless Translator         October 2017


   [RFC6052].

3.1.2.  Varying AAAA record

   If an IPv6 host has a varying AAAA record (that is, it could change
   due to the IPv6-only host changing its IPv6 address and registering
   its new address via, for example, DNS Dynamic Updates [RFC2316]),
   then the dynamic DNS46 function is required.  However, it is still
   the authoritative DNS.  When the authoritative DNS receives a dynamic
   update containing AAAA record, it MUST synthesize corresponding A
   record before signing the zone, which can be derived based on the
   algorithm and the PREFIX information [RFC6052].

3.2.  DNS resolver

   For scenario 2 (the IPv4 Internet to an IPv6 network) the
   implementation of DNS46 resolver is almost impossible, since the IPv4
   hosts are in the IPv4 Internet.

3.2.1.  DNS resolver for scenario 6

   However, for scenario 6 (an IPv4 network to IPv6 network) [RFC6144],
   it is possible to use DNS resolver in an IPv4 network to synthesize A
   records from the AAAA records based on the algorithm and the PREFIX
   information [RFC6052].


4.  Security Considerations

   When DNS46 function is provided by authoritative DNS server, DNS46
   can support DNSSEC without problem.

   When DNS46 function is provided by authoritative DNS server, the
   reverse DNS is also under the same network operator's control which
   may provide additional validation function for the IPv4-translatable
   IPv6 addresses.


5.  IANA Considerations

   This memo adds no new IANA considerations.

   Note to RFC Editor: This section will have served its purpose if it
   correctly tells IANA that no new assignments or registries are
   required, or if those assignments or registries are created during
   the RFC publication process.  From the author's perspective, it may
   therefore be removed upon publication as an RFC at the RFC Editor's
   discretion.



Bao, et al.              Expires April 20, 2018                 [Page 4]

Internet-Draft       DNS46 for Stateless Translator         October 2017


6.  Acknowledgments

   The authors would like to acknowledge the following contributors of
   this document: Branimir Rajtar, Dan Wing and Kevin Yin.


7.  Normative References

   [RFC1035]  Mockapetris, P., "Domain names - implementation and
              specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
              November 1987, <https://www.rfc-editor.org/info/rfc1035>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/
              RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC2316]  Bellovin, S., "Report of the IAB Security Architecture
              Workshop", RFC 2316, DOI 10.17487/RFC2316, April 1998,
              <https://www.rfc-editor.org/info/rfc2316>.

   [RFC4966]  Aoun, C. and E. Davies, "Reasons to Move the Network
              Address Translator - Protocol Translator (NAT-PT) to
              Historic Status", RFC 4966, DOI 10.17487/RFC4966,
              July 2007, <https://www.rfc-editor.org/info/rfc4966>.

   [RFC6052]  Bao, C., Huitema, C., Bagnulo, M., Boucadair, M., and X.
              Li, "IPv6 Addressing of IPv4/IPv6 Translators", RFC 6052,
              DOI 10.17487/RFC6052, October 2010,
              <https://www.rfc-editor.org/info/rfc6052>.

   [RFC6144]  Baker, F., Li, X., Bao, C., and K. Yin, "Framework for
              IPv4/IPv6 Translation", RFC 6144, DOI 10.17487/RFC6144,
              April 2011, <https://www.rfc-editor.org/info/rfc6144>.

   [RFC6145]  Li, X., Bao, C., and F. Baker, "IP/ICMP Translation
              Algorithm", RFC 6145, DOI 10.17487/RFC6145, April 2011,
              <https://www.rfc-editor.org/info/rfc6145>.

   [RFC6146]  Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful
              NAT64: Network Address and Protocol Translation from IPv6
              Clients to IPv4 Servers", RFC 6146, DOI 10.17487/RFC6146,
              April 2011, <https://www.rfc-editor.org/info/rfc6146>.

   [RFC6147]  Bagnulo, M., Sullivan, A., Matthews, P., and I. van
              Beijnum, "DNS64: DNS Extensions for Network Address
              Translation from IPv6 Clients to IPv4 Servers", RFC 6147,
              DOI 10.17487/RFC6147, April 2011,



Bao, et al.              Expires April 20, 2018                 [Page 5]

Internet-Draft       DNS46 for Stateless Translator         October 2017


              <https://www.rfc-editor.org/info/rfc6147>.


Authors' Addresses

   Congxiao Bao
   CERNET Center/Tsinghua University
   Room 225, Main Building, Tsinghua University
   Beijing  100084
   CN

   Phone: +86 10-62785983
   Email: congxiao@cernet.edu.cn


   Xing Li
   CERNET Center/Tsinghua University
   Room 225, Main Building, Tsinghua University
   Beijing  100084
   CN

   Phone: +86 10-62785983
   Email: xing@cernet.edu.cn


   Yan Ma
   Beijing University of Post and Telecommunication
   Mailbox 121, Beijing University of Post and Telecommunication
   Beijing  100876
   CN

   Phone: +86 10-62283044
   Email: mayan@bupt.edu.cn


















Bao, et al.              Expires April 20, 2018                 [Page 6]