]> Sandelman Software Works

470 Dawson Avenue Ottawa, ON K1Z 5V7 Canada mcr+ietf@sandelman.ca

Internet Homenet Internet-Draft Merges IPv4 reverse names into IPv6 reverse maps, particularly for IPv6 delegations that are managed automatically.

Introduction Many small offices get customized service from boutique ISPs. This has historically included delegation of one or a small number (8 to 16) of statically assigned IPv4 addresses. Populating the reverse zone for such small delegations has often meant using style delegation. delegation still requires that the ISP delegate the zone to the customer, collect NS and DS records, and in most cases, that the ISP arranges to become a secondary for the zone. Experience by early adopters was that not every stub resolver would do a second query when a CNAME record was found in the reverse zone rather than a PTR, but if the PTR was returned as additional information in the same query, that it would in fact work. (Later specifications make stub resolvers ignore this additional information, but resolvers that paid attention to that update, also likely would follow the CNAME in the reverse) This custom configuration required to do delegation often has been a drag for many operators, and in some cases has resulted in delays to making IPv6 available to this smaller offices. The rational is that IPv6 operations can only be scaled well when completely automated, and the custom configurations for the IPv4 delegation get in the way of such things. This document proposes to leverage the work of and to automate the delegation of reverse zones for IPv4 delegations.

Protocol Proposal initially proposes to make the delegated zone a subzone of the IPv4 reverse, such as having '128/26.2.0.192.in-addr.arpa' be the delegation from '2.0.192.in-addr.arpa' (The use of '/' as the separator has become a problem for many operators due the way that zone names are translated to file names, and has often been replaced with another character like '-') In suggests putting the reverse names into the forward zone. This document proposes to put the IPv4 reverse names into the IPv6 reverse zone, which can be automatically delegated to the Home Naming Architecture described in . All of this can be done today through bilateral convention: as long as the HNA and the ISP's IPv4 Address Management system agree to use the same names in the CNAMEs, everything works. This document proposes a universal mechanism to enable interoperation without bilateral agreement. IPv4 reverse names are done by octet in decimal, while IPv6 is done by hexadecimal digit by nibble. In order to allow for the maximum interoperation for cases where multiple IPv4 addresses are delegated, but not from the same prefix, all IPv4 octets should be included in the mapped address. It is therefore proposed that the reverse name for an address 192.0.2.234, where the customer has the IPv6 prefix 2001:db8:cake::/64 delegated, be mapped as follows: Note that the resulting name in the IP6 space will always be shorter than any IPv6 name, so even if a number like 8.8.8.8 were mapped (which could very well be read as an IPv6 nibble grouping), there should never be a conflict.

Operator changes The only thing that the operator has to do differently is to insert the right CNAMEs into its reverse IPv4 DNS. These can be generated by a custom script for their IP Address Manager which will know what IPv6 delegations have been made, and which IPv4 static delegations are involved. All of the DNS operational activities like DNSSEC, NS records, and the like would now be handled by the mechanisms of and .

Home Naming Architecture (HNA) changes The HNA mechanism responsible for creating the reverse map needs to take into account any static IPv4 addresses that are delegated to it. This may be via PPP IPCP, or DHCPv4 for the first address, and by some IPv4 as a service to get additional addresses. It is probably that the addresses will have to be statically configured for some time. (Note that the services described by are all mechanisms to share an IPv4 among many subscribers, not delegate a single IPv4 address) For an address like 192.0.2.234, with a reverse name of "webserver.example", then it must create a new PTR record like:

Security Considerations The presence of the additional PTR records may be easily enumerated due to the much smaller IPv4 space. That will reveal which names are active in IPv4 space for the enterprise using this technique. -- back

References Normative References This document describes a way to do IN-ADDR.ARPA delegation on non-octet boundaries for address spaces covering fewer than 256 addresses. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Ericsson Nominum Sandelman Software Works Globis Consulting BV Home network owners may have devices or services hosted on this home network that they wish to access from the Internet (i.e., from a network outside of the home network). To enable this access, the names and IP addresses of these devices and services needs to be made available in the public DNS. The names and IP address of the home network are present in the Public Homenet Zone by the Homenet Naming Authority (HNA), which in turn instructs the DNS Outsourcing Infrastructure (DOI) to publish the zone on the behalf of the HNA. This document describes how an HNA can instruct a DOI to publish a Public Homenet Zone on its behalf. Ericsson Akamai Internet Systems Consortium, Inc. This document defines DHCPv6 options so a Homenet Naming Authority (HNA) can automatically proceed to the appropriate configuration and outsource the authoritative naming service for the home network. In most cases, the outsourcing mechanism is transparent for the end user. Informative References Several IPv6 transition technologies have been developed to provide customers with IPv4-as-a-Service (IPv4aaS) for ISPs with an IPv6-only access and/or core network. These technologies have their advantages and disadvantages. Depending on existing topology, skills, strategy, and other preferences, one of these technologies may be the most appropriate solution for a network operator. This document examines the five most prominent IPv4aaS technologies and considers a number of different aspects to provide network operators with an easy-to-use reference to assist in selecting the technology that best suits their needs.