Re: Using IPv6/IPv4 tunnels to send queries to a DNS server
In message , Hansen Candrawinata writes: > Thanks for the responses. > > Can a DNS server (the machine, not BIND) be a tunnel endpoint > for 6to4? Yes, provided it meets all the criteria for being a 6to4 tunnel end point. You need a non ambious IPv4 address for the tunnel end point. If your ISP gives you a NAT'd (shared) address you can't run 6to4. You can't use a RFC 1918 address for your tunnel end point. Your firewall needs to expect reply traffic from anywhere from anywhere. Just because you send your encapsulated packet to 192.88.99.1, don't expect the encapusulted reply traffic to come from 192.88.99.1. 6to4 traffic is asymetric. Some ISP run firewalls which block non symetric traffic. A major part of the problem Google and other big providers have with deploying IPv6 is badly configured 6to4 gateways (often done automatically) and code that doesn't fall back to IPv4, or fall back to IPv4 in a timely manner. Put the two together and you have problems. Test your 6to4 configuration. Personally I would setup a tunnel with a tunnel broker, like HE.NET, rather than running 6to4. You then know who to talk to when you have IPv6 problems. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Using IPv6/IPv4 tunnels to send queries to a DNS server
Thanks for the responses. Can a DNS server (the machine, not BIND) be a tunnel endpoint for 6to4? Thanks, Hansen On Thu, Nov 10, 2011 at 3:05 PM, Hansen Candrawinata wrote: > This is not strictly a BIND related question, but thought someone here > probably knew the answer. > > Is it valid to use IPv6/IPv4 tunnels to send DNS queries to a DNS server. > > Does anyone know what the standards (RFCs) say about this? > > Thanks. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: Using IPv6/IPv4 tunnels to send queries to a DNS server
Ya. It is totally valid. In fact we have tested the same in our organization for giving internet connectivity to ipv6 islands. What tunnel do is, it basically encapsulate the ipv6 packet in ipv4 header. So a packet reach its destination,( i.e, tunnel destination), transparently. And at the destination point, ipv4 header is removed and packet is forwarded as per its ipv6 destination. No issue as at all except slowness in opening some website due to the MTU size of the tunnels. So keep in mind the MTU size of your tunnel AND fine tune it for smooth browsing. Thanks and Regards, Gaurav Kansal 9910118448 -Original Message- From: bind-users-bounces+gaurav.kansal=nic...@lists.isc.org [mailto:bind-users-bounces+gaurav.kansal=nic...@lists.isc.org] On Behalf Of Hansen Candrawinata Sent: Thursday, 10 November, 2011 9:35 AM To: bind-users@lists.isc.org Subject: Using IPv6/IPv4 tunnels to send queries to a DNS server This is not strictly a BIND related question, but thought someone here probably knew the answer. Is it valid to use IPv6/IPv4 tunnels to send DNS queries to a DNS server. Does anyone know what the standards (RFCs) say about this? Thanks. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Using IPv6/IPv4 tunnels to send queries to a DNS server
On Wed, Nov 9, 2011 at 8:05 PM, Hansen Candrawinata wrote: > This is not strictly a BIND related question, but thought someone here > probably knew the answer. > > Is it valid to use IPv6/IPv4 tunnels to send DNS queries to a DNS server. > > Does anyone know what the standards (RFCs) say about this? They don't as the use of tunnels has nothing to do with DNS. Tunnels are simply the encapsulation of one protocol in another. The encapsulation is done at the tunnel entrance and removed on exit. Nothing outside of those two points knows or cares that there is a tunnel involved. I am assuming you are really talking about tunneling IPv6 packets in IPv4 to get between IPv6 networks which lack direct connections But, bu definition, a tunnel should be entirely transparent to things on either side of the tunnel including DNS. Of course, that means that the server on the other side of the tunnel must talk IPv6. -- R. Kevin Oberman, Network Engineer E-mail: kob6...@gmail.com ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Using IPv6/IPv4 tunnels to send queries to a DNS server
This is not strictly a BIND related question, but thought someone here probably knew the answer. Is it valid to use IPv6/IPv4 tunnels to send DNS queries to a DNS server. Does anyone know what the standards (RFCs) say about this? Thanks. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users