On Wed, Mar 31, 2010 at 10:41 PM, Patrick W. Gilmore <patr...@ianai.net> wrote: > On Apr 1, 2010, at 12:29 AM, John Jason Brzozowski wrote: > >> Not necessarily, if a dual stack hosts communicates with a recursive name >> server over both IPv4 and IPv6 and other conditions are met then I believe >> it would be fine based on what was presented. > > What other conditions need to be met? > > I did not think there was any way for a host to signal a recursive NS to use > v6 or v4 transport.
It seems to me that you'll need to: (at least) 1) ask for a AAAA from the client -> recursive resolver 2) dual-stack the recursive resolver 3) provide AAAA's with 'better' latency/response than the A records associated with the NS's for your domain (the domian being looked up) 4) decide to answer AAAA queries over ipv6 transport from these NS hosts. 5) also reply with A (and other normal records) when asked for them over either transport Just because 'if the AAAA query comes over ipv6, auto-whitelist + answer' there's nothing stopping the server from responding to A queries over ipv6 with ipv4 addresses. The NS here has no real idea about the original requestor, only what the recursive resolver decides to use for a transport. you can suppose that if a recursive resolver has 'better' ipv6 transport it should be used 'more', and that potentially the AS/customer-set represented by it will have 'better' (or at least 'good enough') ipv6 transport, but that's not guaranteed. All that said, I think I like Igor's idea, I'm not sure I'd implement it without some research first... the same issues that keep large-content-providers from adding blanket AAAA records would likely also affect DNS queries over ipv6 transport. -Chris > >> On 3/31/10 5:12 PM, "John Payne" <j...@sackheads.org> wrote: >> >>> >>> >>> On Mar 31, 2010, at 3:19 PM, Dan Wing wrote: >>> >>>> Any host that sends its AAAA queries over IPv4 would lose >>>> IPv6 connectivity. >>> >>> >>> Isn't this a misdirection? >>> >>> I suspect it's more like: any (address family agnostic) clients of a dual >>> stacked nameserver will (non?) deterministically lose IPv6 connectivity to >>> DNS-determined destinations. >>> >>> ie, even if I only send DNS over IPv6 to my recursive nameserver, if it is >>> dual stacked (often beyond my control), and for this specific query it >>> prefers >>> IPv4, then I will not get an answer for my AAAA under this proposal. >>> >>> >> >> ========================================= >> John Jason Brzozowski >> Comcast Cable >> e) mailto:john_brzozow...@cable.comcast.com >> o) 609-377-6594 >> m) 484-962-0060 >> w) http://www.comcast6.net >> ========================================= >> >> _______________________________________________ >> DNSOP mailing list >> DNSOP@ietf.org >> https://www.ietf.org/mailman/listinfo/dnsop >> > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
