[dns-operations] Signaling client protocol to authority
Patrick W. Gilmore
patrick at ianai.net
Mon Jan 17 02:08:40 UTC 2011
On Jan 16, 2011, at 2:38 PM, Paul Vixie wrote:
>> From: "Patrick W. Gilmore" <patrick at ianai.net>
>> Date: Sun, 16 Jan 2011 13:46:26 -0500
>>
>> The problem is end users who have no v6 connectivity ask for quad-A,
>> and they do it over v4.
>
> then they should stop doing that.
Lest you think otherwise, I wholeheartedly agree.
They should also properly randomize their ephemeral ports. They should also practice BCP38, stop spamming, and lots of other things. Unfortunately, none of that is likely to happen today, so I work against spammers (I hear you've done some work on that yourself, Paul), protect against spoofed source DoS attacks, etc.
By the same token, not everyone does v6 properly today. Or likely for quite a while in the future either.
>> As I explained earlier, if they ask for a quad-A over v6, it is far
>> more likely they can actually reach the web server over v6.
>
> getting from where we are to an all-ipv6 world is going to be hard for
> a lot of people but it's where we are going and i'd like very much to
> stop messing around with half measures on getting there.
>
> and the converse case does not obtain, anyway. those who ask for AAAA
> over ipv4 do not nec'ily lack ipv6 connectivity they probably just got
> a bunch of ipv4-only recursives assigned to them in dhcp. those who
> ask for A first and then AAAA likewise aren't predictably lacking in
> ipv6 connectivity. we should not be making assumptions about the
> connectivity of a stub based on what questions they ask or using what
> protocol.
See previous post about failure modes.
> everybody just please add AAAA RR's to their web properties, and client
> side vendors please just stop asking for AAAA RR's you cannot reach.
If I had a magic wand, I would wave it.
However, back in reality land, there is no magic wand. If we can come up with a way to ease the transition to 100% v6, which is certain to take many years, I think that would be a Good Thing.
Perhaps you disagree, perhaps you think we should cause as much pain as possible until everyone is on v6. Which is a perfectly valid PoV, just not the one I hold. Either way, nothing above is an actual argument against the idea.
--
TTFN,
patrick