quietly....

Derek J. Balling dredd at megacity.org
Fri Feb 4 12:09:11 CST 2011


On Feb 4, 2011, at 11:40 AM, Lamar Owen wrote:

> On Friday, February 04, 2011 09:05:09 am Derek J. Balling wrote:
>> I think they'll eventually notice a difference. How will an IPv4-only internal host know what to do with an IPv6 AAAA record it gets from a DNS lookup?
> 
> If the CPE is doing DNS proxy (most do) then it can map the AAAA record to an A record it passes to the internal client, with an internal address for the record chosen from RFC1918 space, and perform IPv4-IPv6 1:1 NAT from the assigned RFC1918 address to the external IPv6 address from the AAAA record (since you have at least a /64 at your CPE, you can even use the RFC1918 address in the lower 32 bits.... :-P).  
> 
> This may already be a standard, or a draft, or implemented somewhere; I don't know.  But that is how I would do it, just thinking off the top of my head.

That's exactly how I'd implement it too, but I'm just saying that that's sort of a kludge (even above and beyond the types of hoops that NAT itself is jumping through). 

You'd probably have to configure the CPE manually to say something like "here's which RFC1918 space I *don't* care about, that you can use as your v6 IP NAT pool", so that the CPE didn't accidentally abuse IPs in use somewhere else in the environment....

D


More information about the NANOG mailing list