RE: Best practice - dual stack DNS?
FWIW, the RFC6106 support that's in IOS (big I) allows one to specify DNS Server Addresses but not, currently, the DNS Search List. As Lorenzo mentioned, this is in the latest ASR1000 release, and will appear on other platforms over time as their releases pick up the latest version of ND. E.g. for the "T" release on ISRs, this is intended to ship in Q1CY14 - but as ever, contact your account team for committed dates. Trevor From: ipv6-ops-bounces+twarwick=cisco@lists.cluenet.de [mailto:ipv6-ops-bounces+twarwick=cisco@lists.cluenet.de] On Behalf Of Eric Vyncke (evyncke) Sent: 22 October 2013 06:15 To: Lorenzo Colitti Cc: Roger Wiklund; ipv6-ops@lists.cluenet.de Subject: RE: Best practice - dual stack DNS? I stand corrected and thanks for the good pieces of news -éric From: Lorenzo Colitti [mailto:lore...@google.com] Sent: mardi 22 octobre 2013 10:42 To: Eric Vyncke (evyncke) Cc: Roger Wiklund; ipv6-ops@lists.cluenet.de<mailto:ipv6-ops@lists.cluenet.de>; Brian E Carpenter Subject: RE: Best practice - dual stack DNS? AIUI Cisco supports RFC 6106 on the ASR1K. Mac OS X and iOS do support it, I think (tested recently). Android does not yet support it. Windows does not support it. On 22 Oct 2013 13:45, "Eric Vyncke (evyncke)" mailto:evyn...@cisco.com>> wrote: I can confirm the lack of support on IOS (see my email address). Moreover, AFAIK there is no support in Windows, Android and Mac OS/X -éric From: ipv6-ops-bounces+evyncke=cisco@lists.cluenet.de<mailto:cisco@lists.cluenet.de> [mailto:ipv6-ops-bounces+evyncke<mailto:ipv6-ops-bounces%2Bevyncke>=cisco@lists.cluenet.de<mailto:cisco@lists.cluenet.de>] On Behalf Of Roger Wiklund Sent: mardi 22 octobre 2013 01:54 To: Brian E Carpenter Cc: ipv6-ops@lists.cluenet.de<mailto:ipv6-ops@lists.cluenet.de> Subject: Re: Best practice - dual stack DNS? Not supported on either IOS or JUNOS afaik. /Roger On Mon, Oct 21, 2013 at 9:41 PM, Brian E Carpenter mailto:brian.e.carpen...@gmail.com>> wrote: What about http://tools.ietf.org/html/rfc6106 ? Brian On 22/10/2013 01:24, Roger Wiklund wrote: > Hi. > > I'm setting up a wireless guest network with dual stack. > Private IPv4 via DHCP and public IPv6 via SLAAC. > > At first had the client first hop IPv6 routing on the WAN CPE using SLAAC > and DHCPv6 just for DNS. > > I decided to move the client first hop IPv6 routing to the ASA firewall > instead, but it does not support DHCPv6. > > So currently I only have IPv4 DNS and what works just fine. What's the best > practice for dual stack DNS? Should I bother with setting up DHCPv6 relay > etc? > > Thanks! > > /Roger >
Re: Best practice - dual stack DNS?
Hi, On Tue, Oct 22, 2013 at 04:45:02AM +, Eric Vyncke (evyncke) wrote: > I can confirm the lack of support on IOS (see my email address). Moreover, > AFAIK there is no support in Windows, Android and Mac OS/X There is support in iOS, though :-) Gert -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
RE: Best practice - dual stack DNS?
I stand corrected and thanks for the good pieces of news -éric From: Lorenzo Colitti [mailto:lore...@google.com] Sent: mardi 22 octobre 2013 10:42 To: Eric Vyncke (evyncke) Cc: Roger Wiklund; ipv6-ops@lists.cluenet.de; Brian E Carpenter Subject: RE: Best practice - dual stack DNS? AIUI Cisco supports RFC 6106 on the ASR1K. Mac OS X and iOS do support it, I think (tested recently). Android does not yet support it. Windows does not support it. On 22 Oct 2013 13:45, "Eric Vyncke (evyncke)" mailto:evyn...@cisco.com>> wrote: I can confirm the lack of support on IOS (see my email address). Moreover, AFAIK there is no support in Windows, Android and Mac OS/X -éric From: ipv6-ops-bounces+evyncke=cisco@lists.cluenet.de<mailto:cisco@lists.cluenet.de> [mailto:ipv6-ops-bounces+evyncke<mailto:ipv6-ops-bounces%2Bevyncke>=cisco@lists.cluenet.de<mailto:cisco@lists.cluenet.de>] On Behalf Of Roger Wiklund Sent: mardi 22 octobre 2013 01:54 To: Brian E Carpenter Cc: ipv6-ops@lists.cluenet.de<mailto:ipv6-ops@lists.cluenet.de> Subject: Re: Best practice - dual stack DNS? Not supported on either IOS or JUNOS afaik. /Roger On Mon, Oct 21, 2013 at 9:41 PM, Brian E Carpenter mailto:brian.e.carpen...@gmail.com>> wrote: What about http://tools.ietf.org/html/rfc6106 ? Brian On 22/10/2013 01:24, Roger Wiklund wrote: > Hi. > > I'm setting up a wireless guest network with dual stack. > Private IPv4 via DHCP and public IPv6 via SLAAC. > > At first had the client first hop IPv6 routing on the WAN CPE using SLAAC > and DHCPv6 just for DNS. > > I decided to move the client first hop IPv6 routing to the ASA firewall > instead, but it does not support DHCPv6. > > So currently I only have IPv4 DNS and what works just fine. What's the best > practice for dual stack DNS? Should I bother with setting up DHCPv6 relay > etc? > > Thanks! > > /Roger >
RE: Best practice - dual stack DNS?
I can confirm the lack of support on IOS (see my email address). Moreover, AFAIK there is no support in Windows, Android and Mac OS/X -éric From: ipv6-ops-bounces+evyncke=cisco@lists.cluenet.de [mailto:ipv6-ops-bounces+evyncke=cisco@lists.cluenet.de] On Behalf Of Roger Wiklund Sent: mardi 22 octobre 2013 01:54 To: Brian E Carpenter Cc: ipv6-ops@lists.cluenet.de Subject: Re: Best practice - dual stack DNS? Not supported on either IOS or JUNOS afaik. /Roger On Mon, Oct 21, 2013 at 9:41 PM, Brian E Carpenter mailto:brian.e.carpen...@gmail.com>> wrote: What about http://tools.ietf.org/html/rfc6106 ? Brian On 22/10/2013 01:24, Roger Wiklund wrote: > Hi. > > I'm setting up a wireless guest network with dual stack. > Private IPv4 via DHCP and public IPv6 via SLAAC. > > At first had the client first hop IPv6 routing on the WAN CPE using SLAAC > and DHCPv6 just for DNS. > > I decided to move the client first hop IPv6 routing to the ASA firewall > instead, but it does not support DHCPv6. > > So currently I only have IPv4 DNS and what works just fine. What's the best > practice for dual stack DNS? Should I bother with setting up DHCPv6 relay > etc? > > Thanks! > > /Roger >
Re: Best practice - dual stack DNS?
Not supported on either IOS or JUNOS afaik. /Roger On Mon, Oct 21, 2013 at 9:41 PM, Brian E Carpenter < brian.e.carpen...@gmail.com> wrote: > What about http://tools.ietf.org/html/rfc6106 ? > >Brian > > On 22/10/2013 01:24, Roger Wiklund wrote: > > Hi. > > > > I'm setting up a wireless guest network with dual stack. > > Private IPv4 via DHCP and public IPv6 via SLAAC. > > > > At first had the client first hop IPv6 routing on the WAN CPE using SLAAC > > and DHCPv6 just for DNS. > > > > I decided to move the client first hop IPv6 routing to the ASA firewall > > instead, but it does not support DHCPv6. > > > > So currently I only have IPv4 DNS and what works just fine. What's the > best > > practice for dual stack DNS? Should I bother with setting up DHCPv6 relay > > etc? > > > > Thanks! > > > > /Roger > > >
Re: Best practice - dual stack DNS?
What about http://tools.ietf.org/html/rfc6106 ? Brian On 22/10/2013 01:24, Roger Wiklund wrote: > Hi. > > I'm setting up a wireless guest network with dual stack. > Private IPv4 via DHCP and public IPv6 via SLAAC. > > At first had the client first hop IPv6 routing on the WAN CPE using SLAAC > and DHCPv6 just for DNS. > > I decided to move the client first hop IPv6 routing to the ASA firewall > instead, but it does not support DHCPv6. > > So currently I only have IPv4 DNS and what works just fine. What's the best > practice for dual stack DNS? Should I bother with setting up DHCPv6 relay > etc? > > Thanks! > > /Roger >
Re: Best practice - dual stack DNS?
Yeah I know, I'm already running ISC DHCP server for IPv4. I know the ASA supports DHCPv6 relay but there is a limitation for shared interfaces which im running into. "Enables DHCPv6 relay service on an interface. When the service is enabled, the incoming DHCPv6 message from a client on the interface that may have been relayed by another relay agent will be forwarded to all configured relay destinations through all configured outgoing links. For multiple context mode, you cannot enable DHCP relay on an interface that is used by more than one context (that is, a shared interface)." On Mon, Oct 21, 2013 at 6:29 PM, Max Tulyev wrote: > In IPv4 DHCP server is not nessecary to be a router. You can have DHCP > server as x.x.x.2 and tell the clients use next-hop x.x.x.1. Is thera > any problem with DHCPv6? > > On 21.10.13 15:24, Roger Wiklund wrote: > > I decided to move the client first hop IPv6 routing to the ASA firewall > > instead, but it does not support DHCPv6. > >
Re: Best practice - dual stack DNS?
In IPv4 DHCP server is not nessecary to be a router. You can have DHCP server as x.x.x.2 and tell the clients use next-hop x.x.x.1. Is thera any problem with DHCPv6? On 21.10.13 15:24, Roger Wiklund wrote: > I decided to move the client first hop IPv6 routing to the ASA firewall > instead, but it does not support DHCPv6.
Re: Best practice - dual stack DNS?
Well they have no choice if they want to use this network =) Thanks for the input, this is a public guest network so any device/OS is possible. I'll go with IPv4 DNS only, for now. /Roger On Mon, Oct 21, 2013 at 2:42 PM, Gert Doering wrote: > Hi, > > On Mon, Oct 21, 2013 at 02:24:27PM +0200, Roger Wiklund wrote: > > So currently I only have IPv4 DNS and what works just fine. What's the > best > > practice for dual stack DNS? Should I bother with setting up DHCPv6 relay > > etc? > > Well, how do you handle clients that do not want to use IPv4? So yes, > DHCPv6 and RDNSS is it :-) > > Gert Doering > -- NetMaster > -- > have you enabled IPv6 on something today...? > > SpaceNet AGVorstand: Sebastian v. Bomhard > Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann > D-80807 Muenchen HRB: 136055 (AG Muenchen) > Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 >
Re: Best practice - dual stack DNS?
Hi, On Mon, Oct 21, 2013 at 02:46:08PM +0200, Enno Rey wrote: > > Well, how do you handle clients that do not want to use IPv4? So yes, > > DHCPv6 and RDNSS is it :-) > > which both are (still) not supported by Android, to the best of my knowledge. Yeah, Android seems to be a bit lacking in the IPv6 department... :-( > Not sure about the environment of the OP but at least for Android > clients his exact setup is probably the way to go [besides manually > configuring DNS resolvers in some Android-based phones GUI]. This worked nicely on the IPv6-only + NAT64/DNS64 wifi at RIPE67 - configuring a bogus IPv4 address, no IPv4 default gateway, and manually entering the IPv6 DNS64 server. But of course that was just a stopgap to enable testing the NAT64 environment, not something I consider "production ready". Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Re: Best practice - dual stack DNS?
Hi, On Mon, Oct 21, 2013 at 02:42:02PM +0200, Gert Doering wrote: > Hi, > > On Mon, Oct 21, 2013 at 02:24:27PM +0200, Roger Wiklund wrote: > > So currently I only have IPv4 DNS and what works just fine. What's the best > > practice for dual stack DNS? Should I bother with setting up DHCPv6 relay > > etc? > > Well, how do you handle clients that do not want to use IPv4? So yes, > DHCPv6 and RDNSS is it :-) which both are (still) not supported by Android, to the best of my knowledge. Not sure about the environment of the OP but at least for Android clients his exact setup is probably the way to go [besides manually configuring DNS resolvers in some Android-based phones GUI]. best Enno > > Gert Doering > -- NetMaster > -- > have you enabled IPv6 on something today...? > > SpaceNet AGVorstand: Sebastian v. Bomhard > Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann > D-80807 Muenchen HRB: 136055 (AG Muenchen) > Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -- Enno Rey ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 Handelsregister Mannheim: HRB 337135 Geschaeftsfuehrer: Enno Rey Troopers 2013 Videos online: http://www.youtube.com/user/TROOPERScon?feature=watch === Blog: www.insinuator.net || Conference: www.troopers.de ===
Re: Best practice - dual stack DNS?
Hi, On Mon, Oct 21, 2013 at 02:24:27PM +0200, Roger Wiklund wrote: > So currently I only have IPv4 DNS and what works just fine. What's the best > practice for dual stack DNS? Should I bother with setting up DHCPv6 relay > etc? Well, how do you handle clients that do not want to use IPv4? So yes, DHCPv6 and RDNSS is it :-) Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Best practice - dual stack DNS?
Hi. I'm setting up a wireless guest network with dual stack. Private IPv4 via DHCP and public IPv6 via SLAAC. At first had the client first hop IPv6 routing on the WAN CPE using SLAAC and DHCPv6 just for DNS. I decided to move the client first hop IPv6 routing to the ASA firewall instead, but it does not support DHCPv6. So currently I only have IPv4 DNS and what works just fine. What's the best practice for dual stack DNS? Should I bother with setting up DHCPv6 relay etc? Thanks! /Roger
