[dns-operations] Missing .us and GTLD records??
uribarri at alum.mit.edu
Wed May 19 22:58:51 UTC 2010
The way a DNS resolver sees it there are actually 9 servers
showing 13 total addresses 6 unique IPv4's and 3 unique IPv6's
all 3 unique IPv6's are issued twice, and one of the 6 IPv4's is issued
(Asking the root tell me this)
Authoritative answers can be found from:
us nameserver = i.cctld.us.
us nameserver = c.cctld.us.
us nameserver = k.gtld.biz.
us nameserver = j.gtld.biz.
us nameserver = a.cctld.us.
us nameserver = k.cctld.us.
us nameserver = b.cctld.us.
us nameserver = i.gtld.biz.
us nameserver = j.cctld.us.
a.cctld.us internet address = 188.8.131.52
b.cctld.us internet address = 184.108.40.206
c.cctld.us internet address = 220.127.116.11
i.gtld.biz internet address = 18.104.22.168
i.cctld.us internet address = 22.214.171.124
k.gtld.biz internet address = 126.96.36.199
k.cctld.us internet address = 188.8.131.52
i.gtld.biz has AAAA address 2001:503:d1ae:ffff:ffff:ffff:ffff:ff7e
i.cctld.us has AAAA address 2001:503:d1ae:ffff:ffff:ffff:ffff:ff7e
j.gtld.biz has AAAA address 2001:503:a124:ffff:ffff:ffff:ffff:ff7e
j.cctld.us has AAAA address 2001:503:a124:ffff:ffff:ffff:ffff:ff7e
k.gtld.biz has AAAA address 2001:503:e239::3:1
k.cctld.us has AAAA address 2001:503:e239::3:1
The DNS resolver will try to communicate to the 9 names. If the DNS
resolver does not have IPv6 transport the resolver can't talk to 2 out of
those 9 names issued in the delegation. The resolver can only talk to 7
names across 6 IP's. The resolver has to do lots of extra work to overcome
the fact that it cannot communicate to 2 out of the 9 delegated names.
For example, if j.cctld.us were given the same ip as a.cctld.us and
j.gtld.biz were given the same ip as b.cctld.us the delegation from root
would then show 9 servers showing 15 total addresses, 6 unique IPv4's and
3 unique IPv6's all 3 unique IPv6's are issued twice, and 3 of the 6
IPv4's are issued twice.
The DNS resolver (again without IPv6) would then be able to communicate to
all 9 names across those same 6 ip's. The IPv4 only DNS resolver does not
have to do all that extra work to overcome its lack of IPv6 connectivity.
(of course not sure if it would push the answer from root above 512, and
that would be another issue altogether)
I'm looking at it from the resolvers side.
On Wed, 19 May 2010, Brett Frankenberger wrote:
> On Wed, May 19, 2010 at 05:03:53PM -0400, Luis Uribarri wrote:
>> Now I'm a bit confused, if "J" was also a member of an IPv4 anycast
>> cloud, why not publish it?
> I think the point is that the physical server to which "J" points is
> also pointed to by A, B, C, I, or K (one or more of whose A record
> points to an anycast IP address.)
> So, for example, "B" has an A record of an anycast address pointing at
> servers 1, 2, 3, and 4. But Server 4 has native IPv6 connectivity. So
> "J" was created with an AAAA record of the IPv6 address of Server 4.
>> And if that can't be done, just publish the
>> same IPv4 as one of the other working letters.
> You seem to be suggesting that 6 server names, with A,B,C,I,K all
> having a different IPv4 address, and J having the same IPv4 address as
> A, is better than A,B,C,I,K all having a different IPv4 address, and J
> not having any IPv4 address at all. Is that an accurate summary of
> your position? If so, why do you think that is the case? Either way,
> you've got 5 IPv4 addresses to use. (And, with some clients, having
> two server names with the same IPv4 address might cause inefficiencies
> if server status tracking is done by name rather than IP address.)
>> I know it will be a very very long time before I (and the majority of
>> the internet) can talk IPv6 natively. Is our punishment for that to be
>> cut off from "J".
> If "J" didn't exist, you wouldn't be objecting. So your position seems
> to be that you believe that 5 servers, all of which have IPv4
> connectivity, is better than 6 servers, 5 of which have IPv4
> connectivity. Is that an accurate summary of your position? If so,
> why do you believe that having J be IPv6 only is worse than J not
> existing at all?
> -- Brett
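
The IPv4-only resolver's view described in the message above, as an added example that is not part of the original thread: it parses a delegation in the same lookup-output style and reports which delegated names have no usable address for a given transport and which addresses are shared between names. The zone name, server names and documentation-range addresses in the sample are constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the same lookup-output style as the post;
# names are hypothetical and addresses come from documentation ranges.
SAMPLE = """\
example nameserver = a.ns.example.
example nameserver = b.ns.example.
example nameserver = j.ns.example.
example nameserver = k.ns.example.
a.ns.example internet address = 192.0.2.1
b.ns.example internet address = 192.0.2.2
k.ns.example internet address = 192.0.2.2
j.ns.example has AAAA address 2001:db8::53
k.ns.example has AAAA address 2001:db8::53
"""

NS_RE = re.compile(r"^\S+\s+nameserver = (\S+?)\.?$")
ADDR_RE = re.compile(r"^(\S+?)\.?\s+(?:internet address =|has AAAA address)\s+(\S+)$")

def parse_delegation(text):
    """Return (set of NS names, {name: set of ip_address objects})."""
    names, glue = set(), defaultdict(set)
    for line in map(str.strip, text.splitlines()):
        if m := NS_RE.match(line):
            names.add(m.group(1).lower())
        elif m := ADDR_RE.match(line):
            glue[m.group(1).lower()].add(ipaddress.ip_address(m.group(2)))
    return names, glue

def summarize(names, glue, families=(4,)):
    """Describe the delegation as seen by a resolver limited to `families`."""
    usable = {n: {a for a in glue.get(n, ()) if a.version in families} for n in names}
    by_addr = defaultdict(set)
    for n, addrs in usable.items():
        for a in addrs:
            by_addr[a].add(n)
    return {
        "names": len(names),
        "unreachable": sorted(n for n, addrs in usable.items() if not addrs),
        "unique_addresses": len(by_addr),
        "shared": {str(a): sorted(ns) for a, ns in by_addr.items() if len(ns) > 1},
    }

if __name__ == "__main__":
    names, glue = parse_delegation(SAMPLE)
    print("IPv4 only :", summarize(names, glue, (4,)))
    print("dual stack:", summarize(names, glue, (4, 6)))
```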