DHCPv6 Dynamic DNS
ReconfigurationCisco Systems, Inc.170 West Tasman DriveSan JoseCalifornia95134USAdwing@cisco.comCisco Systems, Inc.Cessna Business Park, Varthur HobliSarjapur Marathalli Outer Ring RoadBangaloreKarnataka560103Indiatireddy@cisco.comCisco Systems, Inc.BangaloreIndiapraspati@cisco.comFrance TelecomRennes35000Francemohamed.boucadair@orange.comDHC Working GroupSome networks are expected to support IPv4-only, dual-stack, and
IPV6-only hosts at the same time. This makes prioritizing the DNS
servers for hosts tricky due to a heterogeneous mix of protocol stacks
causing optimal behavior to occur only when the host stack
re-initializes. The networks infrastructure is usually well equipped to
be aware of single/dual-stack nature of hosts. This specification
extends DHCPv6 so that a DHCPv6 Relay Agent can dynamically influence
the priority of DNS servers provided to the host, so that the host can
use an optimal DNS server for resolution.The default address selection rules prefers
IPv6 over IPv4. If a dual-stack host is configured to use a DNS64
server, that DNS64 server will synthesize a AAAA response if there is an
A record. Thus, the dual-stack host will always use IPv6 if a DNS lookup
was involved, even if IPv4 could have been used more optimally. If NAT44
and NAT64 are deployed on the same network, it is preferable to use
NAT44 over NAT64 because of scale, performance and application
incompatibility issues (e.g., FTP) . At the same
time, native IPv6 can still be preferred over IPv4. The DHCPv6 Relay
Agent can observe host characteristics on a network to determine if the
host is IPV4-only, dual-stack or IPV6-only and also determine
transitions from single to dual-stack or vice-versa. In this document we
propose a specification that allows the DHCPv6 Relay Agent to influence
the DHCPv6 Server to send appropriately prioritized DNS Servers to the
client as per host characteristics.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in .DNS server : DNS server using an IPv4-mapped IPv6 address (that is,
an IPv6 address starting with ::ffff:/96 IPv4-mapped prefix). Hosts can
communicate with the DNS server only using IPv4 packets , section 4.2.DNS64 server : DNS server using an IPv6 address and synthesizes AAAA
records from A records This document describes a new DHCPv6 Option that can be used with the
DHCPv6 RECONFIGURE_REQUEST by the DHCPv6 Relay Agent
to indicate to the DHCPv6 Server of the priority of DNS servers to be
provided to the specified host. The DHCPv6 Server then sends a
Reconfigure message to the host providing updated/re-ordered DNS server
list as suggested by the Relay Agent. The idea is for the DHCPv6 Relay
Agent to dynamically send the reconfigure message based on host
characteristics.IPv6-only transition to Dual-Stack
: In case a host is IPv6-only to start off, it is provided a DNS64
Server. When transitioning to dual-stack, an IPv4 DNS Server is
assigned as a consequence of obtaining an IPv4 Address. The DHCPv6
Relay Agent can detect this and send a RECONFIGURE_REQUEST message
to the DHCPv6 Server indicating that the host needs to be provided
with a regular DNS Server followed by DNS64 server. In lieu of this
mechanism, the host would continue to use the DNS64 server until the
host stack reinitializes.Dual-Stack to IPv6-only : In case a
host is dual-stack, it is provided with a regular DNS server
followed by DNS64 server. When transitioning to IPv6-only, the
DHCPv6 Relay Agent can detect this and send a RECONFIGURE_REQUEST
message to the DHCPv6 Server indicating that the host needs to be
assigned a DNS64 server only. In lieu of this mechanism, the host
would continue to use the regular DNS Server which is inaccessible
and eventually time out to fail over to the DNS64 Server. The host
will take additional time to fully initialize causing delays in
connection.Dual-Stack to IPv4-only : In case a
host is dual-stack, it is provided with a regualr DNS server
followed by DNS64 server. When transitioning to IPv4-only, no change
is required because the host continues to use regular DNS
server.The DNS_RECONFIG option is to be used only in a RECONFIGURE_REQUEST
message and identifies the query being performed. The option includes a
flag that determines the DNS server list to be provided by the DHCPv6
server to the respective client.The option is defined below:DHCPv6 relay agents that implement this specification MUST be
configurable for sending the RECONFIGURE_REQUEST message. The Relay
Agent MUST set the "msg-type" field to RECONFIGURE_REQUEST. The Relay
Agent detects host characteristics using mechanisms discussed in . For host transition from IPv6-only to dual-Stack or
IPv4-only to dual-stack Relay Agent will set Info-flags with
IPV6_HIG_PROI_NORM_SERV and for host transition from dual-stack to IPv6
only Relay-Agent will set Info-flags with IPV6_DNS64_SERV_ONLY.Upon receiving RECONFIGURE_REQUEST message containing the
DNS_RECONFIG Option, the DHCPv6 server processing is described below
depending on the Info-flag values:IPV6_DNS64_SERV_ONLY : The DHCPv6
server will select only IPv6 address list of DNS64 recursive name
servers to be sent to the client. The DHCPv6 server will send a
reconfigure message to inform the client that the server has updated
configuration information and the client initiates an
Information-request with the server. The updated configuration will
now be sent as part of Information-request reply by the DHCPv6
server.IPV6_HIGH_PROI_NORM_SERV : The
DHCPv6 server will select DNS servers in this order, first is the
regular DNS servers and then DNS64 servers. The DHCPv6 server will
send a reconfigure message to inform the client that the server has
updated configuration information and client initiates an
Information-request with the server. The updated configuration will
now be sent as part of Information-request reply by the DHCPv6
server. The order of DNS servers provided by option
OPTION_DNS_SERVERS determines the preference for use by the DNS
client resolver thus ensuring higher
priority for regular DNS server list followed by DNS64 servers.DHCPv6 server will use the mechanism described in to create and send
Reconfigure message. The server will remember this configuration for the
life of the lease.Relay Agents can actively keep track of all IPv4/IPv6 addresses and
associated lease times assigned to hosts via the respective DHCP
servers. Relay Agents can thus detect transitions from single to
dual-stack and vice-versa efficiently. In addition to this technique,
which is to be primarily used, transitions can also be detected using
snooping mechanisms. Network devices today use mechanisms such as ARP
and NDP snooping to determine host characteristics such as IPv4/IPv6 -
MAC bindings. IPv4/IPv6 and MAC counters are also used to determine host
liveliness. These mechanisms help determine if a particular IP address
family is inactive, has reverted to using a single stack even though it
initially had dual-stack capabilities and detect active dual-stack usage
after long periods of single-stack activity.Security considerations described in are applicable to this
mechanism.IANA is requested to assign new option codes for OPTION_DNS_RECONFIG
from the option-code space as defined in section "DHCPv6 Options" of
.