I came across the following in some IPv6-related draft and thought I'd
share it.

|3.1.  Using DNS to Learn IPv6 Prefix and Length
|
|   In order for an IPv6 host to determine if a NAT64 is present on its
|   network, it sends a DNS query.  Because a host doesn't always know
|   its network's default domain name, the procedure described below
|   provides a way for the host to learn it in order to authorize that
|   network's address family translator:
|
|   1.  Send a DNS AAAA query for "_aft_prefix", without a domain name.
|       If this does not return an IPv6 address it means an address family
|       translator is not present and processing MUST stop.

[...]

|   3.  If validation of this information is not necessary, then:
|
|       a.  Send a DNS TXT query for "_aft_prefix", without the domain
|           name, to learn the number of bits of the prefix.
|

[...]

|      Discussion:  without a domain name, it is unavoidable that root
|      nameservers will see this query.  Need to think about ways to
|      reduce the effect of those queries (e.g., make them authoritative
|      and return all 0's which will get cached).

So they are aware that this is broken.  Let's hope that this type of
service discovery through a fraction DNS root doesn't make its way
into the final standard.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
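
An added illustration, not part of the original message or the quoted draft: a small model of which names a stub resolver puts on the wire for "_aft_prefix" and which of them can only be answered by the root. It assumes conventional resolv.conf `search`/`ndots` semantics; the search domain and the set of delegated TLDs are constructed sample values.

```python
# Added example: models conventional stub-resolver search-list handling.
# DELEGATED_TLDS and the search domain below are constructed sample data.

DELEGATED_TLDS = {"com", "net", "org"}


def candidate_queries(name, search=(), ndots=1):
    """Return the FQDNs a stub resolver tries, in order, for `name`."""
    if name.endswith("."):
        return [name]  # absolute name: the search list is not applied
    as_is = name + "."
    suffixed = [f"{name}.{d.rstrip('.')}." for d in search]
    # Names with fewer dots than ndots are tried with the search list first.
    if name.count(".") >= ndots:
        return [as_is] + suffixed
    return suffixed + [as_is]


def top_label(fqdn):
    """Rightmost label of the FQDN, i.e. what the root is asked about."""
    return fqdn.rstrip(".").split(".")[-1].lower()


def root_bound(name, search=(), ndots=1, delegated=DELEGATED_TLDS):
    """Candidates whose top label is not a delegated TLD.

    A recursive resolver has no cached delegation for such a label, so it
    must ask a root server (until a negative answer is cached).
    """
    return [q for q in candidate_queries(name, search, ndots)
            if top_label(q) not in delegated]


if __name__ == "__main__":
    search = ("corp.example.com",)
    for qname in ("_aft_prefix", "_aft_prefix."):
        print(qname, "->", candidate_queries(qname, search),
              "root-bound:", root_bound(qname, search))
```

With or without a search list, the bare label always ends up as a query for a nonexistent top-level name, which is the effect the draft's own Discussion note acknowledges.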
