
Re: IPv6 NAT?

2008-02-20 07:43:31
Stephane Bortzmeyer wrote :
[Mark Andrews is right, it is very difficult to separate your message
 from the parts you quote, my mail reader does not have an HTML parser
 !]
Thanks.
I will try to be more careful.


On Wed, Feb 20, 2008 at 01:57:18PM +0100, Rémi Després 
<remi(_dot_)despres(_at_)free(_dot_)fr> wrote a message of 44 lines which 
said:

The first 64 bits of IPv6 addresses are still available to identify
 sites from which connections are initiated.

I was not speaking about what you *can* do but about what people *do* 
today. A lot of people use the existence (or not) of a PTR record to
 grant you access or not. You may tell them "PTR is useless, use the
 first 64 bits of the address instead", they won't listen.
I didn't tell anybody that PTRs were useless (and don't think it
either!) :-).

PTR RRs are normally used to get names corresponding to prefixes, 
not to addresses, so that there is IMU no reverse DNS problem here.



AFAIK, there is no DNS way to resolve prefixes into names (RFC 1101,
 maybe? Can we apply it to IPv6 addresses?). A PTR is for a complete
 address, not for a prefix.
I have to recognize that my knowledge of the DNS needs improvements.
Sorry for that.
Thanks for the rectification.
As I now see it, I wrongly interpreted PTR RRs used for zone delegation
as RRs that could also be used to identify sources.

Then the point is different.
An advantage of NATs, for remote host identification, is that a host
name given to a NAT device serves as substitute name to all real hosts
behind this NAT.

A similar result could be achieved if resolvers, when they have to get a
name for an IPv6 address having a privacy ID, instead of having no
chance to get any name, would replace this ID by an agreed standard
value for which there is a PTR RR.

RD




_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
http://www.ietf.org/mailman/listinfo/ietf
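
The fallback lookup proposed in the last paragraph of the message above, sketched as an added example that is not part of the original e-mail or of any resolver: if the full address has no PTR, the 64-bit interface ID is replaced by an agreed value and the lookup is retried. The all-zero value, the function names and the sample zone (documentation prefix 2001:db8::/32) are assumptions; the message does not say which value would be agreed on.

```python
import ipaddress

# Assumption: the message names no "agreed standard value"; an all-zero
# interface ID is used here only as a placeholder for it.
AGREED_IID = 0


def reverse_name(addr):
    """Return the nibble-format ip6.arpa owner name for an IPv6 address."""
    return ipaddress.IPv6Address(addr).reverse_pointer


def site_address(addr, iid=AGREED_IID):
    """Keep the first 64 bits of addr and substitute the agreed interface ID."""
    value = int(ipaddress.IPv6Address(addr))
    return ipaddress.IPv6Address(((value >> 64) << 64) | iid)


def lookup_name(addr, ptr_records):
    """Look up a PTR for addr; on a miss, retry with the agreed interface ID.

    Returns (name, how) where how is "exact", "site" or "none". A "site"
    answer names the /64 the connection came from, not an individual host.
    """
    exact = ptr_records.get(reverse_name(addr))
    if exact is not None:
        return exact, "exact"
    fallback = ptr_records.get(reverse_name(site_address(addr)))
    if fallback is not None:
        return fallback, "site"
    return None, "none"


# Constructed sample reverse zone standing in for real DNS queries.
SAMPLE_PTR = {
    reverse_name("2001:db8:a:1::"): "site-a.example.net.",
    reverse_name("2001:db8:a:1::53"): "ns1.site-a.example.net.",
}

if __name__ == "__main__":
    for source in ("2001:db8:a:1:3c5e:9aff:fe12:7b01",  # privacy-style ID
                   "2001:db8:a:1::53",                   # host with its own PTR
                   "2001:db8:b:2:1234:5678:9abc:def0"):  # site with no PTR
        print(source, lookup_name(source, SAMPLE_PTR))
```

A site that applies the PTR-existence access check described earlier in the thread would, with this fallback, be accepting a name that is shared by every host in the /64, which is the same granularity a NAT device's name gives.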
