>> So basically, you're complaining that you came to the IETF and >> received production quality Internet service? > >Do IETF networks add missing IPv6 root glue? If so, would this be >beyond production quality? if I were to provide RFC3142 IPv6-to-IPv4 TCP relaying gateway, I will be using "totd" tricky recursive DNS server. if you put it in /etc/resolv.conf or something alike, you will get translated AAAA records whenever there's no real AAAA record present for a DNS name, and IPv6 TCP traffic will be re-connected into IPv4.. there still are some questions remain: - on *BSDs we do not have UDP relaying gateway, because TCP relaying gateway relies upon *BSD tcpcb structure. Yokogawa sells commercial device which does UDP relaying as well, so maybe yokogawa guys want to speak up. - if you run named or some DNS resolver which caches old results, your DNS cache may be filled with the translated results. it may or may not cause problems. the DNS TTL below shows that totd gives the same TTL as the original A records, it should be reduced to like 0 or 10 seconds when translation happens. with *BSD implementation there's no caching code in libc resolver. with Apple MacOS X there may be some cache but I have never experienced any issues. so there's no cache I suppose, or cache entries are associated with the information source DNS server. I have no idea about Microsoft OSes nor Linux. itojun | IPv6-over-IPv4 tunnel (MTU = 1280) garlic.itojun.org coconut.itojun.org |2 |1 ==+=======================+== wireless segment | 192.168.0.0/24, 2001:240:501:1::/64 wireless clients - DHCPv4 daemon will give wireless clients IPv4 address, DNS server IPv4 address (192.168.0.2), but NO IPv4 default gateway - IPv6 router advertisement will make wireless clients configure itself with IPv6 address(es) and IPv6 default gateway - totd runs on garlic.itojun.org (192.168.0.2) - totd returns translated responses to clients when asked about DNS names without AAAA record associated with it (such as a.root-servers.net). totd will not trick you if the DNS name has AAAA associated with it (www.kame.net). - TCP traffic to 2001:240:501:ffff::/64 will get sucked by garlic.itojun.org - garlic.itojun.org will re-connect IPv6 TCP to IPv4 TCP itojun[garlic:~] dig @192.168.0.2 a.root-servers.net. a ; <<>> DiG 9.3.4 <<>> @192.168.0.2 a.root-servers.net. a ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13668 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0 ;; QUESTION SECTION: ;a.root-servers.net. IN A ;; ANSWER SECTION: a.root-servers.net. 604225 IN A 198.41.0.4 ;; AUTHORITY SECTION: root-servers.net. 604217 IN NS a.root-servers.net. root-servers.net. 604217 IN NS f.root-servers.net. root-servers.net. 604217 IN NS j.root-servers.net. root-servers.net. 604217 IN NS k.root-servers.net. ;; Query time: 27 msec ;; SERVER: 192.168.0.2#53(192.168.0.2) ;; WHEN: Wed Jul 4 05:18:25 2007 ;; MSG SIZE rcvd: 180 itojun[garlic:~] dig @192.168.0.2 a.root-servers.net. aaaa ; <<>> DiG 9.3.4 <<>> @192.168.0.2 a.root-servers.net. aaaa ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30068 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0 ;; QUESTION SECTION: ;a.root-servers.net. IN AAAA ;; ANSWER SECTION: a.root-servers.net. 604798 IN AAAA 2001:240:501:ffff::c629:4 ;; AUTHORITY SECTION: root-servers.net. 604790 IN NS a.root-servers.net. root-servers.net. 604790 IN NS f.root-servers.net. root-servers.net. 604790 IN NS j.root-servers.net. root-servers.net. 604790 IN NS k.root-servers.net. ;; Query time: 88 msec ;; SERVER: 192.168.0.2#53(192.168.0.2) ;; WHEN: Wed Jul 4 05:08:52 2007 ;; MSG SIZE rcvd: 192 itojun[garlic:~] dig @192.168.0.2 www.kame.net. a ; <<>> DiG 9.3.4 <<>> @192.168.0.2 www.kame.net. a ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61674 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.kame.net. IN A ;; ANSWER SECTION: www.kame.net. 86400 IN A 203.178.141.194 ;; AUTHORITY SECTION: kame.net. 86400 IN NS ns1.itojun.org. kame.net. 86400 IN NS orange.kame.net. ;; ADDITIONAL SECTION: ns1.itojun.org. 3600 IN A 221.249.121.227 ns1.itojun.org. 3600 IN AAAA 2001:240:501::53:0 ;; Query time: 306 msec ;; SERVER: 192.168.0.2#53(192.168.0.2) ;; WHEN: Wed Jul 4 05:19:06 2007 ;; MSG SIZE rcvd: 175 itojun[garlic:~] dig @192.168.0.2 www.kame.net. aaaa ; <<>> DiG 9.3.4 <<>> @192.168.0.2 www.kame.net. aaaa ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4861 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.kame.net. IN AAAA ;; ANSWER SECTION: www.kame.net. 86400 IN AAAA 2001:200:0:8002:203:47ff:fea5:3085 ;; AUTHORITY SECTION: kame.net. 86399 IN NS orange.kame.net. kame.net. 86399 IN NS ns1.itojun.org. ;; ADDITIONAL SECTION: ns1.itojun.org. 3600 IN A 221.249.121.227 ns1.itojun.org. 3600 IN AAAA 2001:240:501::53:0 ;; Query time: 43 msec ;; SERVER: 192.168.0.2#53(192.168.0.2) ;; WHEN: Wed Jul 4 05:19:07 2007 ;; MSG SIZE rcvd: 187 _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf