Windows Vista / 7 - pure IPv6 (NATPT)
Brandon Applegate
brandon at burn.net
Thu Sep 2 01:42:53 CEST 2010
On Thu, 2 Sep 2010, Steinar H. Gunderson wrote:
> Den 1. september 2010 22:05 skrev Brandon Applegate <brandon at burn.net> følgende:
>> So in short, it appears that Windows 7 fails using the patched BIND DNS64
>> solution above, but works as expected using the built in DNS ALG in IOS.
>
> Does the DNS ALG in IOS trigger on TCP DNS on these days? If not,
> you're in for some fairly unpredictable behavior.
>
> (Last time I tested, it would just eat the DNS packets, hanging the request.)
>
> /* Steinar */
> --
> Software Engineer, Google Switzerland
>
Yes, I just tried it. TCP gets eaten and EDNS doesn't do any better. So
yes, IOS DNS ALG (at least in the IOS I'm running) is nowhere near ready
to use in the real world.
I really liked the BIND DNS64. Would like to do some more captures to see
if I can figure out what is making Windows7 unhappy. I'm guessing
it's the fact that the BIND DNS64 gives back the A record answers as
well as the synthesized AAAA when the question was only AAAA. Linux
doesn't seem to care about this. Windows gets tied in a knot (initially,
subsequent (after cache) queries work).
--
Brandon Applegate - CCIE 10273
PGP Key fingerprint:
7407 DC86 AA7B A57F 62D1 A715 3C63 66A1 181E 6996
"SH1-0151. This is the serial number, of our orbital gun."
More information about the ipv6-ops
mailing list