DNS64 & nslookup

[Chuck Swiger]

On Apr 11, 2018, at 3:09 PM, Rick Tillery <rtillerywork at gmail.com> wrote:
> I appear to have my NAT64+DN64 IPv6 -> IPv4 network configured correctly, as I can access IPv4 only Internet sites, e.g. from my browser.  But some tools don't seem to work the way I think they should.
> 
> One example is nslookup.  If do nslookup ipv4.google.com, I get:
> 
> $ nslookup ipv4.google.com
> Server:         2001:4:1f:98::2
> Address:        2001:4:1f:98::2#53
> 
> Non-authoritative answer:
> ipv4.google.com canonical name = ipv4.l.google.com.
> Name:   ipv4.l.google.com
> Address: 216.58.218.110
> 
> Shouldn't the address (last line) be an IPv6 address (prefixed IPv4 address, created by NAT64, such as 64:ff9b::216.58.218.110)?

Nope.  Whether your local system connects to IPv4 addresses via NAT64-formatted IPv6 addresses is unrelated to DNS lookups of A or AAAA records.  If you ask for an A record, you will get IPv4 address(es) back or 0 records, not an IPv6 address.

By the way, debugging DNS issues by using nslookup is difficult; try switching to dig and consider the results of running "dig -t a ipv4.l.google.com." and "dig -t aaaa ipv4.l.google.com."

Regards,
-- 
-Chuck