[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: on NAT-PT

To: "Thakur, Anand" <Anand.Thakur@hpsglobal.com>
Subject: RE: on NAT-PT
From: Senthil Sivakumar <ssenthil@cisco.com>
Date: Thu, 05 Dec 2002 22:48:36 -0800
Cc: Ronald van der Pol <Ronald.vanderPol@rvdp.org>,Christian Huitema <huitema@windows.microsoft.com>,v6ops@ops.ietf.org,juha.wiljakka@nokia.com,itojun@iijlab.net
In-reply-to: <AD112C8ABC61D511B88500902785FCE1046D0B42@HPSB31EX57>

At 09:48 AM 12/6/2002 +0530, Thakur, Anand wrote:

i agree.
 what if we do the following:
whatever the incoming response, the dns_alg will forward 2 responses to the
client:
1)if the response is v4 only, then the dns_alg along with the v4 response
will forward a mapped v6 response.

How does the dns alg know that there won't be a v6 response for the same query.

2)vice-versa if the response is v6 only
3)if 2 responses are received then forward them both to the client

a simple functionality in the client may be able to discard the not-required
result. though this will require a bit of effort on the part of the dns_alg,
but is nothing as compared to the effort that excessive translation will
cause.

Most of the clients only care about the first response and discard others. Now you
are suggesting that the client to be changed which does not sound very appealing.

Senthil

regards
Anand Thakur
HCL Perot Systems
A-14 Sector-57,Noida
tel ext. - 3257
mobile:9811748512

> -----Original Message-----
> From: Ronald van der Pol [SMTP:Ronald.vanderPol@rvdp.org]
> Sent: Thursday, December 05, 2002 6:37 PM
> To:   Thakur, Anand
> Cc:   Christian Huitema; v6ops@ops.ietf.org; juha.wiljakka@nokia.com;
> itojun@iijlab.net
> Subject:      Re: on NAT-PT
>
> On Thu, Dec 05, 2002 at 13:13:24 +0530, Thakur, Anand wrote:
>
> >
> > hi christian,
> > i don't think this a problem in na(p)t-pt, but more a problem in the way
> > dns-alg works. for instance, if we could configure the dns-alg in such a
> way
> > that it does the following:
>
> Suppose a dual-stack client asks for an AAAA.
>
> > 1)maintain a table which maps the source ip address of the dns query and
> the
> > type of query ("A" or "AAAA")
>
> Map that dual-stack client has asked for AAAA.
>
> > 2)generate a dual-query ("A" + "AAAA") every time a dns query is
> detected.
>
> Send A+AAAA queries. Suppose you receive A response only.
>
> > 3)when it intercepts a dns response it should
> > ->translate the "A" response to "AAAA" response if the original quey was
> > "AAAA" and the response is "A" only
>
> So, the A response is mapped to AAAA and send to the dual-stack client.
> That's not what you want. You want the dual-stack client to communicate
> over v4 transport with the destination. So, should not send a mapped
> AAAA to the dual-stack client. The dual-stack client should retry and
> ask for A.
>
>       rvdp

References:
- RE: on NAT-PT
  - From: "Thakur, Anand" <Anand.Thakur@hpsglobal.com>

Prev by Date: Re: on NAT-PT
Next by Date: New 6to4 security draft
Previous by thread: RE: on NAT-PT
Next by thread: RE: on NAT-PT
Index(es):
- Date
- Thread