Skip to main content

Special Use Domain Name 'ipv4only.arpa'
draft-cheshire-sudn-ipv4only-dot-arpa-01

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft that was ultimately published as RFC 8880.
Authors Stuart Cheshire , David Schinazi
Last updated 2016-05-19
RFC stream (None)
Formats
Reviews
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Became RFC 8880 (Proposed Standard)
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-cheshire-sudn-ipv4only-dot-arpa-01
Network Working Group                                        S. Cheshire
Internet-Draft                                               D. Schinazi
Updates: 7050 (if approved)                                   Apple Inc.
Intended status: Standards Track                            May 19, 2016
Expires: November 20, 2016

                Special Use Domain Name 'ipv4only.arpa'
                draft-cheshire-sudn-ipv4only-dot-arpa-01

Abstract

   The document "Discovery of the IPv6 Prefix Used for IPv6 Address
   Synthesis" [RFC7050] specifies the Special Use Domain Name
   'ipv4only.arpa', with certain precise special properties, but,
   perversely, the Domain Name Reservation Considerations section
   [RFC6761] in that document then goes on to deny the specialness of
   that name, and (as of May 2016) the name 'ipv4only.arpa' does not
   appear in the Special-Use Domain Names registry.

   This document updates RFC 7050 with a more appropriate summary of the
   legitimate and useful special properties of the name ipv4only.arpa.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 20, 2016.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of

Cheshire & Schinazi     Expires November 20, 2016               [Page 1]
Internet-Draft                  Dot Home                        May 2016

   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

1.  Introduction

   The document "Discovery of the IPv6 Prefix Used for IPv6 Address
   Synthesis" [RFC7050] specifies the Special Use Domain Name
   'ipv4only.arpa', with certain precise special properties, but,
   perversely, the Domain Name Reservation Considerations section
   [RFC6761] in that document denies the specialness of that name, and
   (as of May 2016) the name 'ipv4only.arpa' does not appear in the
   Special-Use Domain Names registry [SUDN].

   As a result of the name 'ipv4only.arpa' being formally declared to
   have no special properties, there was no mandate for software to
   treat this name specially.  Consequently, queries for this name have
   to be handled normally, and result in a large volume of unnecessary
   queries to the 'arpa' name servers.

   At times, for reasons that are as yet unclear, the 'arpa' name
   servers have been observed to be slow or unresponsive.  The failures
   of these 'ipv4only.arpa' queries result in failures of software that
   depends on them for NAT64 address synthesis.

   Having millions of devices around the world issue these queries
   generates pointless additional load on the 'arpa' name servers, which
   is completely unnecessary when this name is defined, by Internet
   Standard, to have only two address records, 192.0.0.170 and
   192.0.0.171, and no other records.

   To remedy this situation, this document updates RFC 7050 with a more
   appropriate Domain Name Reservation Considerations section [RFC6761]
   that properly lists the desirable and beneficial special handling for
   ipv4only.arpa.

2.  Conventions and Terminology Used in this Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   "Key words for use in RFCs to Indicate Requirement Levels" [RFC2119].

Cheshire & Schinazi     Expires November 20, 2016               [Page 2]
Internet-Draft                  Dot Home                        May 2016

3.  Security Considerations

   Hard-coding the answers for ipv4only.arpa queries avoids the risk of
   malicious devices intercepting those queries and returning incorrect
   answers.

   DNSSEC signing issues for the ipv4only.arpa address records don't
   apply, since the only use of the ipv4only.arpa name is to trigger
   synthesis of NAT64 AAAA records, which aren't signed by arpa anyway.

4.  IANA Considerations

   [Once published, this should say]
   IANA has recorded the name 'ipv4only.arpa' in the Special-Use Domain
   Names registry [SUDN].

4.1.  Domain Name Reservation Considerations

   The name 'ipv4only.arpa' is special only to
   (a) client software wishing to perform NAT64 address synthesis, and
   (b) the DNS64 server responding to such requests.
   These two considerations are listed in items 2 and 4 below:

   1.  Normal users should never have reason to encounter the
       ipv4only.arpa domain name.  If they do, queries for ipv4only.arpa
       should result in the answers specified in RFC 7050.
       Normal users have no need to know that ipv4only.arpa is special.

   2.  Application software may explicitly use the name ipv4only.arpa
       for NAT64 address synthesis, and expect to get the answers
       specified in RFC 7050.  If application software encounters the
       name ipv4only.arpa in the normal course of handling user input,
       the application software should resolve that name as usual and
       need not treat it in any special way.

   3.  Name resolution APIs and libraries SHOULD NOT recognize
       ipv4only.arpa as special and SHOULD NOT treat it differently.
       Name resolution APIs SHOULD send queries for this name to their
       configured recursive/caching DNS server(s).

Cheshire & Schinazi     Expires November 20, 2016               [Page 3]
Internet-Draft                  Dot Home                        May 2016

   4.  Recursive/caching DNS servers SHOULD recognize ipv4only.arpa as
       special and SHOULD NOT, by default, attempt to look up NS records
       for it, or otherwise query authoritative DNS servers in an
       attempt to resolve this name.  Instead, recursive/caching DNS
       servers SHOULD, by default, act as authoritative and generate
       immediate responses for all such queries.

       Traditional recursive/caching DNS servers that act as
       authoritative for this name MUST generate only the 192.0.0.170
       and 192.0.0.171 responses for these queries, and no others.

       All DNS64 recursive/caching DNS servers MUST generate the
       192.0.0.170 and 192.0.0.171 address record responses for these
       queries, and MUST generate the appropriate synthesized IPv6
       address record responses for all AAAA queries.
       This local self-contained generation of these responses is to
       avoid placing unnecessary load on the 'arpa' name servers.

   5.  Traditional authoritative DNS server software need not recognize
       ipv4only.arpa as special or handle it in any special way.
       As a practical matter, only the administrators of the 'arpa'
       namespace will configure their name servers to be authoritative
       for this name and to generate the appropriate answers; all other
       authoritative name servers will not be configured to know
       anything about this name and will reject queries for it as they
       would reject queries for any other name about which they have no
       information.

   6.  Generally speaking, operators of authoritative DNS servers need
       not know anything about the name ipv4only.arpa, just as they
       don't need to know anything about any other names they are not
       responsible for.  Operators of authoritative DNS servers who are
       configuring their name servers to be authoritative for this name
       MUST understand that ipv4only.arpa is a special name, with
       answers specified by Internet Standard (generally this applies
       only to the administrators of the 'arpa' namespace).

   7.  DNS Registries/Registrars need not know anything about the name
       ipv4only.arpa, just as they don't need to know anything about any
       other name they are not responsible for.  Only the administrators
       of the 'arpa' namespace need to be aware of this name's purpose
       and how it should be configured.

Cheshire & Schinazi     Expires November 20, 2016               [Page 4]
Internet-Draft                  Dot Home                        May 2016

5.  References

5.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/
              RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC6761]  Cheshire, S. and M. Krochmal, "Special-Use Domain Names",
              RFC 6761, DOI 10.17487/RFC6761, February 2013,
              <http://www.rfc-editor.org/info/rfc6761>.

   [RFC7050]  Savolainen, T., Korhonen, J., and D. Wing, "Discovery of
              the IPv6 Prefix Used for IPv6 Address Synthesis",
              RFC 7050, DOI 10.17487/RFC7050, November 2013,
              <http://www.rfc-editor.org/info/rfc7050>.

5.2.  Informative References

   [SUDN]     "Special-Use Domain Names Registry", <http://www.iana.org/
              assignments/special-use-domain-names/>.

Authors' Addresses

   Stuart Cheshire
   Apple Inc.
   1 Infinite Loop
   Cupertino, California  95014
   USA

   Phone: +1 408 974 3207
   Email: cheshire@apple.com

   David Schinazi
   Apple Inc.
   1 Infinite Loop
   Cupertino, California  95014
   USA

   Phone: +1 669 227 9921
   Email: dschinazi@apple.com

Cheshire & Schinazi     Expires November 20, 2016               [Page 5]