[AusNOG] Telstra IPv6 Wireless Enablement - IPv6 Single Stack

Mark Andrews marka at isc.org
Thu Feb 6 16:28:37 EST 2020 

Telstra need to be at least intercepting queries for ipv4only.arpa/AAAA to allow CLATs to discover the NAT64 prefix.

Note that doesn’t work if you are using DoH, DoT, TSIG or any other cryptographic mechanism to protect your DNS queries.  It also doesn’t work if you are using DNSSEC to verify the answers as IANA decided to sign ipv4only.arpa.

Mark

> On 6 Feb 2020, at 16:03, Peter Tonoli <peter+ausnog at metaverse.org> wrote:
> 
> Hi Russell,
> 
> This is great news.
> 
> On 6/2/20 3:27 pm, Russell Langton wrote:
>> Hi AusNOGgers,
>> 
>> Following our dual-stack enablement in Aug 2016, Telstra is proud the announce the second step in our transition to IPv6 -  IPv6 Single-Stack deployment on Telstra wireless.
>> This means shortly when you attach your mobile to Telstra.WAP APN it will only get an Ipv6 address NO Ipv4 address.
>> 
>> 
>>  * Basic flow *
>> - If Alice is connecting to a website with a Ipv6 AAAA DNS record, It will be a pure Ipv6 connection.
>> - If Alice is connecting to a website with only a A DNS record, our DNS will spoof the website address with a Well Known Prefix (WKP) so it routes to the NAT64 gateway to Ipv4 internet.
>> - If Alice is connecting to a Ipv4 address literal(x.x.x.x), It may fail.
> 
> I hope this is not a naive question:
> 
> Is there a higher chance of brokenness when users choose to use other DNS services (i.e. Cloudflare / DoH), apart from Telstra, due to the lack of WKP in the response from those providers?
> 
> Cheers,
> Peter.
> 
> 
> 
> -- 
> Peter Tonoli
> Vice Chair, Electronic Frontiers Australia <https://efa.org.au> - Director, Internet Australia <https://internet.org.au>
> T: @peter_tonoli <https://twitter.com/peter_tonoli> W: peter.tono.li <https://peter.tono.li> E: peter at metaverse.org
> L: au.linkedin.com/in/petertonoli M: +61413982000
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

More information about the AusNOG mailing list