On Mon, 4 Aug 2008, Frank Ellermann wrote:
John Levine wrote:Someone pointed out that in some popular dual stack systems, connections from IPv4 addresses appear as IPv6 addresses in :FFFF:0000:0000/96
Could someone explain why a DNSBL needs to return IPV6 addresses? Even assuming one wants to create a DNSBL that lists IPV6 addresses (which I don't think would be worthwhile*) the only place the V6 address appears is in the query hostname character string - the DNSBL reply only needs a handfull of values, which 127.0.0.X supplies without stress. The replies are never used as addresses. Are we worried that a DNSBL client nameservice library wouldn't support IPV4 addresses? That seems far-fetched. What am I missing?
Daniel Feenberg
Yes, that is what I meant when I mentioned RFC 4408, (ab)using ::FFFF:127.0.0.2 as an "obvious" test entry. Another proposal in the meeting was to use one of the IPv6 example addresses for this purpose. But I can't remember the example addresses without my 4408 cheat sheet, an obvious entry would be better.The immediate question is whether to add a sentence or two to the DNSBL spec saying that if you have a DNSBL listing both v4 and v6 addresses, and you list a v4 address, you SHOULD or MUST also list the corresponding embedded v6No. It is the job of the clients to get this right, they are supposed to ask for the IPv4 form of these addresses. With ::FFFF:127.0.0.2 as a possible *exception* for test purposes. Frank _______________________________________________ Asrg mailing list Asrg at ietf.org https://www.ietf.org/mailman/listinfo/asrg
_______________________________________________ Asrg mailing list Asrg at ietf.org https://www.ietf.org/mailman/listinfo/asrg