[dns-operations] Signaling client protocol to authority

Paul Vixie vixie at isc.org
Sun Jan 16 17:32:12 UTC 2011

> From: Matthew Pounsett <matt at conundrum.com>
> Date: Sun, 16 Jan 2011 11:44:54 -0500
> > Are there any ideas or efforts for a recursive NS to signal the
> > authoritative NS whether the client used v4 or v6 to request the
> > record?
> There's nothing currently in protocol to send that signal.  I haven't
> heard of anyone working on anything to add that feature, and I'm not
> sure why it would be useful.
> Is there a particular reason the authoritative server wouldn't just
> look at the IP address of the client to figure it out?

when we added the AAAA RR type some of us wanted to extend differently,
by adding a new meta-query type (similar to ANY or AXFR) that meant
"tell me any address records you know about, for any protocol".  note
that in the beginning of the discussion several people were proposing
that ipv6 get its own "class" (so, IN6) and that in that class the A RR
would just have more bits in it.  it was at approximately that time that
the "class" field was finally determined to be a namespace selector,
where each class would require its own root name servers and so on,
rather than an rrset selector, where a given zone could have more than
one class of data in it.  i sometimes wish we'd gone the other way on
"class" and i every day wish that we'd done the meta-type on "any address"
or at least finished the QTYPE>1 logic i once proposed as part of EDNS1
so that we could have asked for A and AAAA in the same round trip.

anyway, to your question, the reason some people think that the authority
server might want to know the stub resolver's IP transport (v4 or v6) is
the same reason some people think that the authority server might want to
know the stub resolver's IP address -- it's for DNS-level traffic
engineering, so that the authority can consider giving a different answer
based on the stub resolver's reachability.

as ed lewis said in his longer reply to the original question here, this
would require an on-the-wire change to allow the recursive to tell the
authority what the stub's connectivity is, and it would also require a
systemic change to DNS to expand the fundamental dns key from "just q-tuple"
to "q-tuple plus this other stuff".  this is highly controversial stuff.

More information about the dns-operations mailing list