[Info-vax] implementing IPv6 on the internet

[Dirk Munk]

Chris wrote:
> On 09/23/16 22:12, Dirk Munk wrote:
>
>> Great, and how does the router know the IPv6 address of Microsoft, or
>> even better, how does the router know it has to send the packet to the
>> IPv6 address of Microsoft?
>
> The router doesn't have to ask those questions, as it already knows
> that it is on a v6 network on the WAN side, having a V6 address from
> the isp. Assuming the above, the router will always use v6 for it's
> dns request to the isp. The problem I can see with this is that
> translating to the local V4 subnet, it may have to use a dummy v4 dns
> value in it's reply to the subnet node, perhaps by stripping off some
> of the bits, or a hash function, but so long as the router keeps track
> of that, it will work, much as tcp connections are tracked through
> state tables.
>
>> The PC did a nslookup remember, the router didn't. The router doesn't
>> know it has to exchange the IPv4 address of microsoft by the IPv6
>> address, how could it? If the PC sends something to an IPv4 address, how
>> can the router know if this destination also has an IPv6 address?
>
> The pc doesn't care. It makes a dns request via the *router* and uses
> whatever its given in reply. The fact that that it may or may not be a
> genuine address for Google whatever, doesn't matter, so long as there
> is agreement in translation terms.

Really? This will break SSL/TLS because there is a check on IP address. 
When the DNS name and the IP address don't match the one on the 
certificate, you will get a violation warning, and some browsers refuse 
to connect all together.

Since there is a tendency to use HTTPS only, you will not be able to use 
a web browser any more.

>
> Heck, i'm not designing this stuff, but doesn't look too arduous to
> me. There again, if you can only think of stuff to stop it working,
> you would never start anything, right ?...
>
> Regards,
>
> Chris