Maintained by: NLnet Labs

[Unbound-users] DNS-ALG/DNS64 question

Simon Perreault
Mon Oct 5 22:34:15 CEST 2009


On Monday 05 October 2009 16:25:47 Florian Weimer wrote:
> What I expect to happen is that the kernel performs the address
> translation at the socket layer.  You send out an IPv4 UDP packet in
> your application, and it gets send out as an IPv6 packet, with a
> suitable IPv6 source address (whatever that is), destined to the NAT64
> gateway (by apply a the DNS64 translation).  No IPv4 addresses are
> required (except for the original destination).  The result is less
> overall complexity, and perfect interoperability with DNSSEC.  The
> cost is a small IPv4 stack change (which could presumably be
> implemented as a packet filter rule if necessary).

Thanks for this complete description. I wanted to make sure I understood you 
well.

I think what you are describing is described here:
http://tools.ietf.org/html/draft-huang-pnat-host-ipv6-01

One drawback is that it requires modifying the host.

There are many solutions for IPv6 migration. Depending on your requirements 
you will choose one or another. It seems that for many people it is important 
to not have to modify the host, hence the interest for DNS64/NAT64 (and NAT-PT 
before it).

Thanks for your input,
Simon
-- 
DNS64 open-source   --> http://ecdysis.viagenie.ca
STUN/TURN server    --> http://numb.viagenie.ca
vCard 4.0           --> http://www.vcarddav.org