6to4 in Internet aaaa records

Bjørn Mork bjorn at mork.no
Fri Oct 3 10:10:51 CEST 2014 

Erik Kline <ek at google.com> writes:
> On Fri, Oct 3, 2014 at 12:16 PM, Erik Kline <ek at google.com> wrote:
>
>> There in lies the problem.  I have received escalations in the last few
>>> days on my eyeball network regarding internet servers with 6to4 in DNS and
>>> NAT64 WKP in DNS.   In the WKP case, the server operator read the RFCs and
>>> tried to pursued me to his understanding of those RFCs that i should route
>>> and support WKP to my NAT64 and that he was doing the right thing by
>>> putting the WKP as RR in his DNS files.
>>>
>>
>> That is hilariously evil...awesome.  The *64 docs should have made some
>> mention about not using the WKP globally.
>>
>
> Actually sections 3.1 and 3.2 of http://tools.ietf.org/html/rfc6052 apply
> here.  The implication is that since you can't route more specifics of the
> WKP you shouldn't put them in DNS, but that latter is still not explicitly,
> clearly stated.

And that is how it should be.  There is no reason to forbid any address
in DNS.  Routing is not a requirement for DNS A or AAAA records.

There can be perfectly valid reasons to create DNS records pointing to
addresses which are not necessarily reachable from all places where the
DNS record is visible. This is not a bug.  It's a feature.

I like this example (leftover from the 90'ies when you would ftp to this
"warez"-server and probably find lots of interesting stuff there):

 bjorn at nemi:~$ host langnese.nvg.ntnu.no
 langnese.nvg.ntnu.no has address 127.0.0.1
 langnese.nvg.ntnu.no has IPv6 address ::1
 langnese.nvg.ntnu.no mail is handled by 20 langnese.nvg.ntnu.no.
 langnese.nvg.ntnu.no mail is handled by 50 langnese.nvg.ntnu.no.

:-)

Regarding the initial question, the only problem there seems to be the
typo Jeroen pointed out.  Which is unrelated to 6to4 AFAICS.  There are
examples of perfectly working 6to4 records:

 bjorn at nemi:~$ host kernelnewbies.org
 kernelnewbies.org has address 74.92.59.67
 kernelnewbies.org has IPv6 address 2002:4a5c:3b41:1:216:3eff:fe57:7f4
 kernelnewbies.org mail is handled by 10 forlond.surriel.com.
 kernelnewbies.org mail is handled by 0 forlond.surriel.com.
 kernelnewbies.org mail is handled by 5 shelob.surriel.com.

 bjorn at nemi:~$ ping6 -c1 -n kernelnewbies.org
 PING kernelnewbies.org(2002:4a5c:3b41:1:216:3eff:fe57:7f4) 56 data bytes
 64 bytes from 2002:4a5c:3b41:1:216:3eff:fe57:7f4: icmp_seq=1 ttl=39 time=495 ms
 
 --- kernelnewbies.org ping statistics ---
 1 packets transmitted, 1 received, 0% packet loss, time 0ms
 rtt min/avg/max/mdev = 495.612/495.612/495.612/0.000 ms



Bjørn

More information about the ipv6-ops mailing list