On Mon, 4 Aug 2008, Frank Ellermann wrote:
John Levine wrote:
Someone pointed out that in some popular dual stack systems,
connections from IPv4 addresses appear as IPv6 addresses
in :FFFF:0000:0000/96
Could someone explain why a DNSBL needs to return IPV6 addresses? Even
assuming one wants to create a DNSBL that lists IPV6 addresses (which I
don't think would be worthwhile*) the only place the V6 address appears is
in the query hostname character string - the DNSBL reply only needs a
handfull of values, which 127.0.0.X supplies without stress. The replies
are never used as addresses. Are we worried that a DNSBL client
nameservice library wouldn't support IPV4 addresses? That seems
far-fetched. What am I missing?
Daniel Feenberg
Yes, that is what I meant when I mentioned RFC 4408, (ab)using
::FFFF:127.0.0.2 as an "obvious" test entry. Another proposal
in the meeting was to use one of the IPv6 example addresses
for this purpose. But I can't remember the example addresses
without my 4408 cheat sheet, an obvious entry would be better.
The immediate question is whether to add a sentence or two
to the DNSBL spec saying that if you have a DNSBL listing
both v4 and v6 addresses, and you list a v4 address, you
SHOULD or MUST also list the corresponding embedded v6
No. It is the job of the clients to get this right, they are
supposed to ask for the IPv4 form of these addresses. With
::FFFF:127.0.0.2 as a possible *exception* for test purposes.
Frank
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg