Maintained by: NLnet Labs

[Unbound-users] DNS64 patch for Unbound

W.C.A. Wijngaards
Mon Jun 30 14:10:35 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Bjoern,

On 06/29/2014 11:21 PM, Bjoern A. Zeeb wrote:
> Hi,
> 
> a few years back Viagenie[4] developed a DNS64 patch [5] for
> unbound.  In the last couple of years I maintained it and forward
> ported it privately.  Lately, with FreeBSD temporarily shipping
> unbound in base, people have asked for that patch and I ended up
> putting it into a user branch [1][2] and updated it again for a new
> version [3].  I (or anyone) can easily extract an up-to-date patch
> and a large junk of that is mainly the regeneration of files from
> .l/.y.
> 
> However I am now facing the question:  is upstream willing to fully
> integrate this change or should I just drop it into FreeBSD base?
> I’d be happy to work with you guys on this.  Just let me know.

Yes, we would be happy to integrate this.

Previously, we had spoken (very cordially, at the IETF, even though
the main author had had a soccer-related injury) with the folks from
Viagenie.  Both NAT64 was not very important and also the license for
the contribution needed to be sorted out.  These things seem to have
changed (or I might remember our conversation about the license
wrongly).  I see the patch has a very comfortable BSD license.

Is NAT64 considered this important?  We would be happy to incorporate
the patch if this is considered useful to many users.  NAT64 for DNS
does involve allowing others to inject new addresses in a new netblock
for arbitrary names, and as such carries a little bit of security
considerations.  So, I would hesitate to enable this by default.  But
the option could certainly be useful, as we would like to help the
IPv4 to IPv6 transition.  What do other users think about this?

(if they can receive the email...)

Best regards,
   Wouter

> /bz
> 
> References: [1]
> http://svnweb.freebsd.org/base/user/bz/unbound_dns64/ [2]
> http://svnweb.freebsd.org/base?view=revision&revision=263176 [3]
> http://svnweb.freebsd.org/base?view=revision&revision=267241 [4]
> http://ecdysis.viagenie.ca/ [5]
> http://ecdysis.viagenie.ca/download/ecdysis-unbound-1.4.7.20101117.patch.gz
>
>  — Bjoern A. Zeeb             "Come on. Learn, goddamn it.",
> WarGames, 1983
> 
> _______________________________________________ Unbound-users
> mailing list Unbound-users at unbound.net 
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTsVO6AAoJEJ9vHC1+BF+Ng2QP/iRf+J7JGTFCZGu0UvFcbWkp
AgjOQr6TAPUb+9Rx89ZX9CcaLUsBfAsVDfS1hgz0NkLSKVWSEwHOlHrqS9Q5X8+Z
pG/eFGK4MY2im1Bb/vzq12ZwL/hrXfYxmgxxr7ddKguktKjU5Qz7HDoAjF6OWajb
T/1hseMbmBpYwflFdauUVkPQ98Ktx1Om8osrOrZ2j5Y6NDl9JUidOF90g8ZlLjHI
OV+Hh2jaEH2TdJ//++6WHvsAZM06cBA4RslEZl2veMuWQqKiHXPYW4sRREEEq22+
Mwm7K6uFb4sdMe5+H2eTB7QkpkUS9Fs25ZZA4g9nDVJ5j2lSPdV99RHSppsto7Vq
YYJo23lDycelsxyWrCXSJEiubUugzHm7B/Igjw6KN+yN4qGNMxq5baHUdeK/aPP5
3utgd3ltYTO3bCpR1dG2/mtBukcU1k2Ekcb4ZobOYCJowRaqqkxwdZdvFV1eAO5S
TpQmt+0gFkDUTcHgWdrqYXoUAyP/nksRPevGUVEwUgIOANOx4zWHTyEGgduMJkla
oNm/vvQG+oTQrCYoi85n1USBF23j2/EOU0u21AdxKfyFFwUKlzhUfrhpwIXhirus
UzrF9lERcjctNuggHpQ1q6zMUzqmrAuAHm23DF1KvMTZmnJbauXsyWnE1EKWd8u7
DUv0mrUBXClKrNsrNPxP
=EIdS
-----END PGP SIGNATURE-----