DNS(Domain Name System) is the crucial part of any service provider. As we are moving towards IPv6 world, DNS role would be crucial to resolve the IP addresses to name.
The utmost challenge is when the host is IPv6 and would like to access IPv4 internet servers. In that case DNS64 will come into play and make some amendments after getting reply from IPv4 servers and sent its request with synthesized AAAA reply to host.(Scenario 3)
I have made three different scenarios as depicted below:-
1. NAT44 DNS Flow
2. IPv6 User Accessing IPv6 Internet (DNS Flow)
3. IPv6 User Accessing IPv4 Internet (DNS Flow)
Scenario 1:- IPv4 User Accessing IPv4 Internet
Figure 1
DNS flow is very simple, IPv4 user sends a request to DNS server with A request, DNS server checks it locally and in case doesn't fid any results it sends an request to the internet DNS server which is also known as authoritative dns server. Internet DNS server replies it back with A reply.
Scenario 2:- IPv6 User Access IPv6 Internet
Figure 2
This is the same flow as we have seen in scenario 1.
Scenario 3:- Ipv6 Host Access IPv4 Internet
Figure 3
Step 1:- IPv6 user sends a AAAA request of a website to DNS64 server.
Step 2:- DNS64 server sends a request to the internet authoritative DNS server.
Step 3:- Internet DNS sends a NULL reply to the local DNS64 server, as it doesn't have AAAA entry of the request website.
Step 4:- Local DNS64 server sends A request to Internet DNS server.
Step 5:- Internet DNS server sends reply to A request.
Step 6:- Local DNS64 server creates a synthesised AAAA reply and sends it to local subscriber.
Steo 7:- Local Subscriber sends a IPv6 request website to NAT64 device which is also known as carrier grade nat device. That device creates a 6to4 entry in the table and forwards the request to the IPv4 internet server.
Check the depicted below example how DNS64 synthesised AAAA reply to IPv4 host when DNS64 receives IPv4 address from Internet server.
Figure 4
1 comment:
Thanks for the details. I think the label 'ipv4 private traffic' should change as ipv6 private traffic in figure 1,2 and 3
Post a Comment