[dns-operations] An simple observation

Davey Song songlinjian at gmail.com
Fri Sep 26 04:28:45 UTC 2014

On Fri, Sep 26, 2014 at 12:28 AM, Warren Kumari <warren at kumari.net> wrote:

> On Thu, Sep 25, 2014 at 9:26 AM, Matthew Pounsett <matt at conundrum.com>
> wrote:
> >
> > On Sep 24, 2014, at 21:27 , Davey Song <songlinjian at gmail.com> wrote:
> >
> >> Hi everyone, I‘m recently doing a little survey on the penetration of
> IPv6 in DNS system and it's latent problems.
> >>
> >> I find that top websites like Google, Wikipedia,Yahoo already support
> IPv6 access, but its name servers are still IPv4-only. I'm wondering why?
> is there any operation consideration or risk in their IPv6 deployment?
> >
> > There is additional operational complexity in running a dual-stack
> network, which implies some risk, but in my opinion it’s not serious enough
> to be a real blocker for most networks.  Some companies may have legacy
> assumptions in their application that makes adding IPv6 difficult in some
> way, but from the outside it’s impossible to identify who those networks
> might be.
> >
> > Some large companies simply have their own inertia to overcome.  It can
> take a while to get large re-engineering projects moving in larger
> companies, and they may need/want to wait until the infrastructure is in
> place everywhere before turning it on anywhere.
> >
> > It’s a little weird to me that google’s authoritative DNS servers are
> not addressable over v6.  Their Google Public DNS service does operate over
> v6, so clearly they have the infrastructure in place.
> Google has been focusing on IPv6 for the user first -- for example,
> the Google Public DNS stuff, the web interface, etc. Obviously enough,
> this involved a bunch of infrastructure work...
> For the auth nameservers -- there is work underway, and, AFAIK, there
> should measurement of the impact of v6 glue soon.
> Thanks for your explanation and comments, Warren and Matthew. Glad to hear
some work underway to make a fully IPv6 connected Internet. I once take it
for granted that the increasing IPv6 traffic WorldWide is based on IPv6
end-to-end (both IP/DNS layer) capability and  independent on IPv4
infrastructure. Now I realize it is not so optimistic.

This is not a risk free operation -- there are name-servers out there
> that believe that they have working v6, but don't, and also places
> where the v6 latency differs from the v4 latency. Measuring and
> understanding all the implications before flipping the big switch is
> important....
> >  I’m speculating, but perhaps there are bits of their internal CDN-like
> behaviour that still need to be modified.
> >
> > In short, no there are no generally applicable technical reasons not to
> be running v6 on your DNS servers.
> W
> > _______________________________________________
> > dns-operations mailing list
> > dns-operations at lists.dns-oarc.net
> > https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> > dns-jobs mailing list
> > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
> --
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>    ---maf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20140926/2441a5e6/attachment.html>

More information about the dns-operations mailing list