[dns-operations] can ipv6 still break dns ?

[Doug Barton]

On Tue, 27 Jul 2010, christoph wrote:

> Hi all,
>
> I just want to know if publishing ipv6-addresses for resolvers or
> authoritive nameservers can break anything.

Anything can break anything if one or both ends are misconfigured badly 
enough. :)

> What about old exchange installations or old OSes ?
> Are there any numbers somewhere ?

Ah, the real question. There are still clients, and client OS's that are 
configured to ask for AAAA records even though they can't use them. In 
those cases, the clients will see a slowdown while they flail about with 
the AAAA stuff, usually no more than a second or two.

There are estimates that the percentage of end-user clients with this 
kind of problem are in the single digits, almost certainly in the low 
single digits, and by some estimates less than 1% (but that depends 
greatly on the content you're serving). For "infrastructure" stuff like 
nameserver <> nameserver communication although there will be a long 
tail of "some" stuff being broken for a long time (because there always 
is with DNS) you should see less brokenness than people do for end-user 
stuff.

A bit of anecdotal evidence, on the FreeBSD mailing lists we used to see 
this exchange fairly often:
OP:	My DNS has suddenly become slow, help help!
ME:	Have you configured IPv6 on the system without actually having
         IPv6 transport available?
OP:	Um....
ME:	Put -4 in the command line flags for named and see if it helps
OP:	Yay, that worked, thanks!

I haven't seen that complaint for a long time on our lists anyway.


hth,

Doug (short answer, just do it!)

-- 

 	Improve the effectiveness of your Internet presence with
 	a domain name makeover!    http://SupersetSolutions.com/

 	Computers are useless. They can only give you answers.
 			-- Pablo Picasso