DNS-Based Address Mappping Record (AMR) for IPv4/IPv6 Mapping in IPv6-only Networks

describes a framework for deploying IPv6-only underlay in multi-domain networks, IPv4 packets are statelessly translated or encapsulated into IPv6 packets for transmission. This framework requires IPv4/IPv6 address mapping rule to support stateless packet conversion at Provider Edge (PE) routers. This document defines a new Domain Name System (DNS) resource record type, called the Address Mapping Record (AMR). AMR record stores the mappings between IPv4 address blocks and their corresponding IPv6 prefixes, enabling PE to query these mappings via standard DNS protocols. AMR is applicable in IPv6-only networks .

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in .

The following terms are defined in this draft: DNS: Domain Name System, defined in PE: Provider Edge, defined in Pref6: IPv6 Mapping Prefix, indicating edge devices for translating IPv4 packets in an IPv6-only network.

AMR records use a special domain name space under “in-addr-m.arpa”. For an IPv4 address block 192.0.2.0/24, the corresponding AMR record name is constructed by reversing the IPv4 prefix and appending ".in-addr-m.arpa". Example: IPv4 block: 192.0.2.0/24 IPv6 mapping prefix: 2001:db8::/64 The AMR record: 0.2.0.192.in-addr-m.arpa. IN AMR 2001:db8::/64

The encoding of the type is shown below：

Name— the reverse IPv4 address, its format is IPv4 address block.in-addr-m.arpa; Type— the type of the record，AMR; Class— indicating that the record is for the Internet environment; TTL—time-to-live in cache; Data length— length of the data section; v4prefix-length— length of the IPv4 address block; v6prefix-length— length of the IPv6 mapping prefix; v6prefix— IPv6 mapping prefix.

In a multi-domain IPv6-only network architecture, PE1 and PE2 are network edge devices with rule-based IPv4-IPv6 conversion capabilities, and their address mapping prefixes are denoted as Pref6. Each edge device also needs to be associated with one or more IPv4 address blocks, which are extracted from the local IPv4 routing table or address pool. IPv4 packets enter the multi-domain IPv6-only network via an ingress PE and exit via an egress PE. The mapping relationship between an IPv4 address block and its corresponding IPv6 prefix is referred ro as a mapping rule, which will have at least the following data structure. IPv4 address block: Pref6(PE)

| | | | | +------------------+ +-------------------+ | | 2.publish AMR | | | |--------------------->| | | |<---------------------| | | Authoritative |5.TTL expire, query | Local DNS Server | | DNS Server | the latest record | | | | | | | | | | | |--------------------->| | | |6.reply the lastest | | | | AMR | | +------------------+ +-------------------+ ^ ^| 1.| || r | || e | || g | 3.||4. i | q ||r s | u ||e t | e ||p r | r ||l a | y ||y t | || i | || o | || n | || +-+------------------------------++-+ | | || | | | +-+ +-+ +-+ || | +----------+ | | /AS1\ /AS2\ /AS3\ || | +----------+ |IPv4 | | | | | | | | ||V | |IPv4 | |network N1|---+-PE1 P1--P2 P3--P4 PE2-+---|network N2| +----------+ | | | | | | | | +----------+ | \ / \ / \ / | | +-+ +-+ +-+ | | | | Multi-domain IPv6-only Network | +-----------------------------------+ Figure 2: The Option B cross-domain scenario ]]> The AMR mechanism enables the distribution and retrieval of these mappings via DNS, as detailed below.

PE1 router generate mappings between local IPv4 address blocks (served by their connected IPv4 networks) and their own IPv6 mapping prefixes (Pref6). Then, PE1 send these mappings to an authoritative DNS server, which stores them as AMR records in its database. The authoritative server validates the format of the mappings (e.g., correct prefix lengths, valid IPv6 prefixes) before adding them to the appropriate zone file under in-addr-m.arpa.

Authoritative DNS servers publish AMR records within their managed DNS zones, making them available for query by local DNS servers. AMR records are assigned a TTL value (e.g., 3600 seconds) to control cache freshness. Local DNS servers cache AMR records and refresh them by querying the authoritative server once the TTL expires, ensuring up-to-date mappings.

When Ingress PE receives an IPv4 packet, it queries the DNS to retrieve the corresponding IPv6 mapping prefix. The procedure is as follows: Extracts destination IPv4 address (e.g., 192.0.2.1). Query Construction: Ingress PE constructs a DNS query using the reversed destination IPv4 address appended with .in-addr-m.arpa and specifies the AMR record type. For example, a destination IPv4 address of 192.0.2.1 (within 192.0.2.0/24) results in the query name 1.2.0.192.in-addr-m.arpa. IN AMR. Query Resolution: Checks local DNS cache for existing AMR record: If valid cached record exists with unexpired TTL: Uses the cached IPv6 prefix for packet conversion; Skips further DNS queries. If no valid cache entry exists: Proceeds to step 3b. Queries configured local recursive resolver (if any): Local resolver checks its cache and zone data; If record exists in local authoritative zones: Returns AMR record with TTL; PE updates local cache; Proceeds to packet conversion. If no local record exists: Proceeds to step 3c Initiates standard DNS resolution via recursive lookup: Follows normal DNS resolution chain; Queries authoritative servers for in-addr-m.arpa; Validates DNSSEC signatures if present. Cache Refresh: When the TTL of a cached AMR record expires, the local server re-queries the authoritative server to fetch the latest record, updating its cache accordingly.

The AMR mechanism introduces several security considerations: * Attackers could provide false mapping information. DNSSEC MUST be used to authenticate AMR record. * Rate limiting SHOULD be implemented for AMR queries.

This document defines a new Domain Name System (DNS) resource record type - Address Mapping Record (AMR) from the "DNS PARAMETERS" registry.

This comments and suggestions of the following are gratefully acknowledged: * TBD