forced to execute DNS64
Mark Andrews
marka at isc.org
Tue Oct 11 22:03:32 UTC 2016
Exclude Facebook's IPv6 range.
dns64 <prefix> {
exclude {
::ffff:0:0/96; // mapped addresses
2a03:2880::/29; // Facebook
};
};
In message <389ab5475d0a441a9cc175f0326e597e at skt-tnetpmx2.SKT.AD>, LEE SUKMOON
writes:
>
> Thanks for reply.
>
> But a client's network is ipv6 network.
> Client obtains a ipv6 address. Then client connect to global ipv6 address
> over oversea.
> But client obtains a ipv4 address(DNS64 translated ipv6 address).
> Then client connect to NAT64, and connect to local ipv4 service(ex: CDN).
>
> I tried to modify a test code. This code works similar to what I think.
> Without modify program, similarly I wondered whether the operation is set
> to do so.
>
> Thanks.
>
>
>
> root at smlee:/root/isc $ diff -Nur bind-9.9.9-P3/ bind-9.9.9-P3-dns64/
> diff -Nur bind-9.9.9-P3/bin/named/query.c
> bind-9.9.9-P3-dns64/bin/named/query.c
> --- bind-9.9.9-P3/bin/named/query.c 2016-09-09 11:47:21.000000000
> +0900
> +++ bind-9.9.9-P3-dns64/bin/named/query.c 2016-10-11
> 16:41:14.741269111 +0900
> @@ -6022,6 +6022,17 @@
> client->query.dboptions, client->now,
> &node, fname, &cm, &ci, rdataset,
> sigrdataset);
>
> + if (type==dns_rdatatype_aaaa && result==ISC_R_SUCCESS) {
> + char fbufDNS_NAME_FORMATSIZE = "<unset>";
> +
> + if (fname != NULL) {
> + dns_name_format(fname, fbuf, sizeof(fbuf));
> + if (strcmp("star-mini.c10r.facebook.com",
> fbuf)==0) {
> + result=DNS_R_NCACHENXRRSET;
> + }
> + }
> + }
> +
> resume:
> CTRACE(ISC_LOG_DEBUG(3), "query_find: resume");
>
> root at smlee:/root/isc $
>
>
> root at smlee:/root/isc $ dig @127.0.0.1 star-mini.c10r.facebook.com aaaa
> +short
> 2a03:2880:f10b:83:face:b00c:0:25de
> root at smlee:/root/isc $ dig @127.0.0.1 star-mini.c10r.facebook.com aaaa
> +short
> 64:ff9b::1f0d:4a24
> root at smlee:/root/isc $ dig @127.0.0.1 star-mini.c10r.facebook.com aaaa
> +short
> 64:ff9b::1f0d:4a24
> root at smlee:/root/isc $ dig @127.0.0.1 star-mini.c10r.facebook.com aaaa
> +short
> 64:ff9b::1f0d:4a24
>
>
> > -----Original Message-----
> > From: Mark Andrews mailto:marka at isc.org
> > Sent: Tuesday, October 11, 2016 2:14 PM
> > To: /ICT Solution
> > Cc: bind-users at lists.isc.org
> > Subject: Re: forced to execute DNS64
> >
> >
> > DNS64 doesn't work like that.
> >
> > If you are having problems connecting over IPv6 contact your service
> > provider. Facebook treats IPv6 as a production service and will deal
> > with connectivity issues.
> >
> > If you want to force browsers to use IPv4 then send back RST to the
> > connection attempts to reach the facebook servers. They should fail
> over
> > to using IPv4. This should only require configuring the firewall on
> your
> > router appropriately.
> >
> > Mark
> >
> > In message <aac4f429ca6d4d1e86a98d8057f77b87 at skt-tnetpmx2.SKT.AD>, LEE
> > SUKMOON
> > writes:
> > > Hello, All.
> > >
> > > Many clients queries to IPv6(IN/AAAA) domain.
> > > But IPv6 network is so far, then slow then IPv4 network.
> > >
> > > I want to forced dns64 for special domain.
> > >
> > > Example, 'm.facebook.com' IN/AAAA address is
> > > '2a03:2880:f115:83:face:b00c:0:2 5de'.
> > > But I don't want to use IPv6 address. So I want to use dns64 translate
> > > addres s.
> > >
> > > m.facebook.com. 600 IN CNAME
> star-mini.c10r.facebook
> > > .com.
> > > star-mini.c10r.facebook.com. 1351 IN AAAA
> > 2a03:2880:f115:83:face:
> > > b00c:0:25de
> > >
> > > Is it possible? Or should modify source?
> > > Thanks.
> > >
> > > _______________________________________________
> > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> > > unsubscribe from this list
> > >
> > > bind-users mailing list
> > > bind-users at lists.isc.org
> > > https://lists.isc.org/mailman/listinfo/bind-users
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list