On Wed, 31 Mar 2010, Pekka Savola wrote: :: On Tue, 30 Mar 2010, Igor Gashinsky wrote: :: > So, the question now is, what can be done? By no means do I think that :: > lying based on transport is a good idea, however, I simply don't have a :: > better one, and, this is a real problem, which is delaying ipv6 deployment :: > for a number of people. So, if anybody else has a better option, I (and :: > other content providers) would love to hear it! Unfortunately, this is the :: > best we've come up with thusfar... :: :: I'm not sure how this trick is going to work when you step back a bit: You'll :: still need to maintain a whilelist of networks where the ISP has agreed to :: implement this hack in their DNS recursive server. You can't start serve :: AAAA records to others.
You are absolutely correct, this is not to replace the whitelist, this is on top of it. There are different discussions going on right now on how to make the whitelisting process easier/more universal/more automated, but this realisticly is on top of that. In the grand scheme of things, once people measure the # of broken users for each resolver that hits them, they can then automagicly whitelist the servers which are within the SLA for "broken users" without any ISP out there applying for the whitelist -- doing this hack is simply a tool to guarantee that your resolver will pass the "SLA test" (ie we won't break too many users if we whitelist your resolver). :: The only reason for doing the hack would be if you had stricter requirements :: than Google. They whilelist ISPs' resolvers but trust that the ISPs resolve :: issues that get reported to them. You would be whilelisting ISPs but require :: a mechanism that cuts down on broken IPv6 experience. You're right that even :: a google-whitelisted ISP user could experience issues (but not report to the :: ISP). Yes, I think most people *will* have a stricter requirement then Google does for their "ipv6 beta program" (say, no more then 1/10,000 broken users behind your resolvers), and I will be very surprised if google doesn't tighten up their requirements as well (or at least conciders doing so) in the near future, but, clearly, working for a competitor, I won't speak for them :) To me, breaking 1/2000 users (which is what happends today) is not acceptable when rolled out on a larger scale (10's or 100's of millions of users), but that's just me, and, I do not believe that the Google ipv6 pilot is anywhere near that scale yet... Thanks, -igor _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
