So, today I did something new: I have NAT64 and DNS64 working, and my laptop is on an IPv6-only network (actually, several VLANs at my office are now IPv6-only, for those brave enough to try). No IPv4 addressing, period. Native IPv6 traffic traverses a tunnel to Hurricane Electric (of course), while Internet (and intranet) destinations without AAAA addresses are reached via NAT64 (and DNS64 doing its magic).
The good news is... almost everything works so far: web, email, ssh, remote desktop, ftp (yes, even ftp through NAT64).
The bad news is... it's almost everything. I use three IM protocols: Yahoo, MSN, and AOL (one family, one old work, one current work). None of them would finish connecting.
After breaking out Wireshark and looking at the packets... I realized that I went through a time warp to 1985 and the protocol uses IP addresses embedded in the payload, not DNS names. Both Yahoo and MSN definitely, as their setup is in clear text. AOL uses SSL, so I can't decrypt it... but I assume the same. As my laptop has no IPv4 connectivity, it can't reach the server. If the client passed back a DNS name, this would be too easy... as DNS64 already fixes that for me. But, alas... we are stuck with the FTP problem of 1985.
A 10-minute Google search on Yahoo/MSN did not come up with any fixes... such as servers with IPv6 addresses that will pass back IPv6 addresses in the payload (still a bad practice... did we not learn ANYTHING from FTP?).
So, several questions for anyone/everyone:
1) Has anyone else already tried this and found Yahoo/AOL/MSN/whatever servers that are IPv6 friendly?
2) Are there any IM clients where the protocols are IPv6 aware/friendly? This looks like a protocol issue, not a client (as I'm running Pidgin for all three), but I will try using the official clients tomorrow on my Windows box and see if there's a difference.
I expect I could "solve" this by configuring a proxy, and letting the client have v6 connectivity to the proxy, but... this smacks of cheating. While the IM clients may be IPv4 only, they are all smart enough to use proxies. A proxy would not be my first choice, though, as if a proxy was "the" answer, we could skip the whole NAT64/DNS64 stuff and configure a SOCKS proxy on every box.
I may still do that... (in fact, I could probably use a native v4-only proxy for it, again with NAT64/DNS64 magic), but looking for alternatives? I expect that any transition would want a proxy for just such one-offs anyway... but looking for other options.
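
Added example, not part of the original post: a Python sketch of the RFC 6052 mapping that DNS64 applies to A records, and of the payload rewrite that would be needed when a server returns a bare IPv4 literal instead of a name. It assumes the well-known prefix 64:ff9b::/96 (the post does not say which prefix is in use), and the payload string is constructed, not a real IM protocol message.

```python
import ipaddress
import re

# Assumption: NAT64 gateway uses the RFC 6052 well-known prefix.
NAT64_PREFIX = ipaddress.IPv6Network("64:ff9b::/96")
IPV4_LITERAL = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed sample: a cleartext redirect carrying an IPv4 literal.
SAMPLE = "REDIRECT server=192.0.2.33 port=5050"

def synthesize(ipv4, prefix=NAT64_PREFIX):
    """RFC 6052 /96 mapping: the IPv4 address fills the low 32 bits."""
    if prefix.prefixlen != 96:
        raise ValueError("only /96 prefixes are handled in this sketch")
    v4 = ipaddress.IPv4Address(ipv4)
    return ipaddress.IPv6Address(int(prefix.network_address) | int(v4))

def extract(ipv6, prefix=NAT64_PREFIX):
    """Inverse mapping; None if the address is not inside the prefix."""
    addr = ipaddress.IPv6Address(ipv6)
    if addr not in prefix:
        return None
    return ipaddress.IPv4Address(int(addr) & 0xFFFFFFFF)

def find_literals(payload):
    """Valid IPv4 literals in a cleartext payload (DNS64 never sees these)."""
    found = []
    for m in IPV4_LITERAL.finditer(payload):
        try:
            found.append(ipaddress.IPv4Address(m.group()))
        except ValueError:
            continue  # dotted numbers that are not a valid address
    return found

def rewrite_payload(payload, prefix=NAT64_PREFIX):
    """Replace each literal with its NAT64 form, as a proxy or ALG would."""
    def repl(m):
        try:
            return str(synthesize(m.group(), prefix))
        except ValueError:
            return m.group()
    return IPV4_LITERAL.sub(repl, payload)

if __name__ == "__main__":
    print(find_literals(SAMPLE))
    print(rewrite_payload(SAMPLE))
```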