On Thu, Apr 27, 2017 at 9:27 AM, Jehan Tremback <jehan.tremback(a)gmail.com>
wrote:
It seems like something that would be easy, just NAT
ipv4 traffic to IPv6
for our network. Can you link to any resources on these difficulties?
"Not every type of resource is accessible with NAT64. Protocols that embed
IPv4 literal addresses, such as SIP
<https://en.wikipedia.org/wiki/Session_Initiation_Protocol> and SDP
<https://en.wikipedia.org/wiki/Session_Description_Protocol>, FTP
<https://en.wikipedia.org/wiki/FTP>, WebSocket
<https://en.wikipedia.org/wiki/WebSocket>, Skype
<https://en.wikipedia.org/wiki/Skype>, MSN, and any other content with IPv4
literals are excluded"
https://en.wikipedia.org/wiki/NAT64
"There are two noticeable issues with this transition mechanism:
- It only works for cases where DNS is used to find the remote host
address, if IPv4 literals are used the DNS64 server will never be involved.
- Because the DNS64 server needs to return records not specified by the
domain owner, DNSSEC <https://en.wikipedia.org/wiki/DNSSEC> validation
against the root
<https://en.wikipedia.org/wiki/DNSSEC#Deployment_at_the_DNS_root> will
fail in cases where the DNS server doing the translation is not the domain
owner's server. "
https://en.wikipedia.org/wiki/IPv6_transition_mechanism#DNS64
--
marc/juul