Date: Thu, 1 Jun 2017 20:49:29 -0500 From: Karl Denninger <karl@denninger.net> To: freebsd-net@freebsd.org Subject: Ipv6 / DNS questions Message-ID: <759e086e-e6c3-3b3a-1578-834af5adce0d@denninger.net>
next in thread | raw e-mail | index | archive | help
This is a cryptographically signed message in MIME format. --------------ms080207030709010103050109 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Perusing through the various documentation I've not yet found an answer to this, and figure someone might know where to point me before I start banging code beyond a shell script or three. Assuming we have a "dual stack" system on the Internet; the provider is willing to allocate us anywhere from a /56 to a /64 off stateless Ipv6 which our gateway (running FreeBSD), and that is working using dhcp6c.=20 Said gateway then (typically) gets said /56 and allocates a /64 on the internal interface, and runs rtadvd. The clients run rtsold and are getting addresses just fine. Windows clients, Android phones and similar are also having no problems. Now posit a host "inside" the gateway that I wish to have an exposed service on the Internet. In the IPv4 world I run NAT, the DMZ'd host is on a private address, and I port-twist at the gateway (e.g. a connection to TCP port 5050 on the gateway goes to x.x.x.x:5050 on the internal host.) The external client is none the wiser; he only sees the single outside IP. For IPv6 of course the internal address is routable, but this leads to a problem -- how does the outside guy know where it is? Is there a dynamic DNS update method associated with Ipv6's address assignment system? Since the assignment is "stateless" it obviously (and does, in my experience!) move. I can deal with it via a couple of shell scripts, and there are only a couple of hosts where it matters, but this would dramatically simplify the IPv4 gameplaying that's necessary to have something behind a gateway router while on a "globally visible", but possibly changing "at whim", IpV6 address. I assume someone has gone after this issue by now so if there's "prior art" a pointer would be appreciated. Thanks in advance! --=20 Karl Denninger karl@denninger.net <mailto:karl@denninger.net> /The Market Ticker/ /[S/MIME encrypted email preferred]/ --------------ms080207030709010103050109 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgMFADCABgkqhkiG9w0BBwEAAKCC BlwwggZYMIIEQKADAgECAgE9MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzEQMA4G A1UECBMHRmxvcmlkYTESMBAGA1UEBxMJTmljZXZpbGxlMRkwFwYDVQQKExBDdWRhIFN5c3Rl bXMgTExDMRwwGgYDVQQDExNDdWRhIFN5c3RlbXMgTExDIENBMSIwIAYJKoZIhvcNAQkBFhND dWRhIFN5c3RlbXMgTExDIENBMB4XDTE2MTIxODE5NDUzNVoXDTIxMTIxNzE5NDUzNVowVzEL MAkGA1UEBhMCVVMxEDAOBgNVBAgTB0Zsb3JpZGExGTAXBgNVBAoTEEN1ZGEgU3lzdGVtcyBM TEMxGzAZBgNVBAMUEmthcmxAZGVubmluZ2VyLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIP ADCCAgoCggIBAM2N5maxs7NkoY9g5NMxFWll0TYiO7gXrGZTo3q25ZJgNdPMwrntLz/5ewE9 07TEbwJ3ah/Ep9BfZm7JF9vTtE1HkgKtXNKi0pawNGm1Yn26Dz5AbUr1byby6dFtDJr14E07 trzDCtRRvTkOVSBj6PQPal0fAnDtkIYQBVcuMkXkuMCtyfE95pjm8g4K9l7lAcKii3T1/3rE hCc1o2nBnb7EN1/XwBeCDGB+I2SN/ftZDbKQqGAF5q9dUn+iXU7Z/CVSfUWmhVh6cVZA4Ftv TglUqj410OuPx+cUQch3h1kFgsuhQR63HiJc3HbRJllHsV0rihvL1CjeARQkhnA6uY9NLFST p5I/PfzBzW2MSmtN/tGZvmfKKnmtbfUNgkzbIR1K3lsum+yEL71kB93Xtz/4f1demEx5c8TJ RBIniDHjDeLGK1aoBu8nfnvXAvgthFNTWBOEoR49AHEPjC3kZj0l8JQml1Y8bTQD5gtC5txl klO60WV0EufU7Hy9CmynMuFtjiA2v71pm097rXeCdrAKgisdYeEESB+SFrlY65rLiLv4n8o1 PX7DqRfqKkOYIakZ0ug/yHVKcq2EM3RiJxwzls5gT70CoOBlKbrC98O8TA6teON0Jq30M06t NTI2HhvNbJDLbBH+Awf4h1UKB+0ufENwjVvF5Jfz8Ww/FaSDAgMBAAGjgfQwgfEwNwYIKwYB BQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vY3VkYXN5c3RlbXMubmV0Ojg4ODgwCQYD VR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgXgMCwGCWCGSAGG+EIBDQQf Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUpfAI3y+751pp9A0w 6vJHx8RoR/MwHwYDVR0jBBgwFoAUJHGbnYV9/N3dvbDKkpQDofrTbTUwHQYDVR0RBBYwFIES a2FybEBkZW5uaW5nZXIubmV0MA0GCSqGSIb3DQEBCwUAA4ICAQBiB6MlugxYJdccD8boZ/u8 d8VxmLkJCtbfyYHRjYdyoABLW5hE3k3xSpYCM9L7vzWyV/UWwDYKi4ZzxHo4g+jG/GQZfKhx v38BQjL2G9xD0Hn2d+cygOq3UPjVYlbbfQoew6JbyCFXrrZ7/0jvRMLAN2+bRC7ynaFUixPH Whnj9JSH7ieYdzak8KN+G2coIC2t2iyfXVKehzi5gdNQ0vJ7+ypbGsRm4gE8Mdo9N/WgFPvZ HPFqR9Dwas7Z+aHwOabpk5r/336SyjOaZsn3MqKJQZL6GqDKusVOCWt+9uFAD8kadg7FetZe atIoD9I+zbp59oVoMnkMDMx7Hi85faU03csusqMGsjSsAzWSI1N8PJytZlchLiykokLKc3OL G87QKlErotlou7cfPX2BbEAH5wmkj9oiqZhxIL/wwAUA+PkiTbEmksKBNompSjUq/6UsR8EA s74gnu17lmijv8mrg2qMlwRirE7qG8pnE8egLtCDxcjd0Of9WMi2NJskn0/ovC7P+J60Napl m3ZIgPJst1piYSE0Zc1FIat4fFphMfK5v4iLblo1tFSlkdx1UNDGdg/U+LaXkNVXlMp8fyPm R80V6cIrCAlEWnBJNxG1UyfbbsvNMCCZBM4faGGsR/hhQOiydlruxhjL6P8J2WV8p11DdeGx KymWoil2s1J5WTGCBRMwggUPAgEBMIGWMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxv cmlkYTESMBAGA1UEBxMJTmljZXZpbGxlMRkwFwYDVQQKExBDdWRhIFN5c3RlbXMgTExDMRww GgYDVQQDExNDdWRhIFN5c3RlbXMgTExDIENBMSIwIAYJKoZIhvcNAQkBFhNDdWRhIFN5c3Rl bXMgTExDIENBAgE9MA0GCWCGSAFlAwQCAwUAoIICTTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN AQcBMBwGCSqGSIb3DQEJBTEPFw0xNzA2MDIwMTQ5MjlaME8GCSqGSIb3DQEJBDFCBEB91M55 UBZer7XlL3sT8nF1iClbYC1wgtXrQ5kEIUNk3m/lAL3DEt+3igdGQlR6CFGIx0gewzubq/Rs n57Ki4ZrMGwGCSqGSIb3DQEJDzFfMF0wCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBAjAKBggq hkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI hvcNAwICASgwgacGCSsGAQQBgjcQBDGBmTCBljCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT B0Zsb3JpZGExEjAQBgNVBAcTCU5pY2V2aWxsZTEZMBcGA1UEChMQQ3VkYSBTeXN0ZW1zIExM QzEcMBoGA1UEAxMTQ3VkYSBTeXN0ZW1zIExMQyBDQTEiMCAGCSqGSIb3DQEJARYTQ3VkYSBT eXN0ZW1zIExMQyBDQQIBPTCBqQYLKoZIhvcNAQkQAgsxgZmggZYwgZAxCzAJBgNVBAYTAlVT MRAwDgYDVQQIEwdGbG9yaWRhMRIwEAYDVQQHEwlOaWNldmlsbGUxGTAXBgNVBAoTEEN1ZGEg U3lzdGVtcyBMTEMxHDAaBgNVBAMTE0N1ZGEgU3lzdGVtcyBMTEMgQ0ExIjAgBgkqhkiG9w0B CQEWE0N1ZGEgU3lzdGVtcyBMTEMgQ0ECAT0wDQYJKoZIhvcNAQEBBQAEggIARyO8hA7TPoM3 G5CHrfoZZTxCETGuzOWwlDbUjF+EWnWVtARTzVDqr0iMSbymX9aWBTpDnxScsu2sz2z0scK6 xUpGsTcGED+/1zdc682xBGQfpizmQe9jcpPsi10iMJjl6uJg5nYnVs/JATAs8IAUDWppBov0 wuGL4s6HGOhAwPfeggD8KoaVT/prNdfXqSUECNC8O9mFA3oGzRTCwhSKgqUofE+dPU1HSMgp zg1q6O/ZI/amfFQUB4+OFtEc+ScOClmOqFsG3fNlW1kz9wuJ3j1dEuIwewhv5RNVnvIMGS/M G8EKqRC5l3hq91Q9ieYdnHIRlRZy9owUaPgShS37x4l+yIyfVyXkhtuptVlwYdbZJHNRGC3t /3UlwjGfKO4oVGu3Qo4/p+7MASecCVLEF7irzJA1mecAHMelhwd2kBpEc2+Cdsh5xGAXCp54 gYAE5DdqZWd7/pMO0GOw7hINvX99+vUfbQQVAAsg03PzTzBSIlz6vTv8RjbyOwG47894Id5A zLXGceTiUUAq8wpGwTLYpJoZu93hMt0kQTGlyCSwkEIFtsUBSySXBKoV7dnLoLFvmNAYNy2B C5ENZN2IluW8CdUPLOWRwKtPXvmGAIa8Xs4O3dSk6L8EU9pFeLARK7nE/AY/zyEcyTvYBS9h bvQs8loo4FZJQCQIsLEENVcAAAAAAAA= --------------ms080207030709010103050109--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?759e086e-e6c3-3b3a-1578-834af5adce0d>