On Tue, Jun 2, 2015 at 12:25 AM, Tony Hain <alh-i...@tndh.net> wrote: > > >> -----Original Message----- >> From: christopher.mor...@gmail.com >> [mailto:christopher.mor...@gmail.com] On Behalf Of Christopher Morrow >> Sent: Monday, June 01, 2015 5:10 PM >> To: Tony Hain >> Cc: Hugo Slabbert; Matt Palmer; nanog list >> Subject: Re: AWS Elastic IP architecture >> >> On Mon, Jun 1, 2015 at 7:20 PM, Tony Hain <alh-i...@tndh.net> wrote: >> > True, but it does represent a business decision to choose IPv6. The >> > relevant point here is that the "NEXT" facebook/twitter/snapchat/... >> > is likely being pushed by clueless investors into outsourcing their >> > infrastructure to AWS/Azure/Google-cloud. >> >> ;; ANSWER SECTION: >> www.snapchat.com. 3433 IN CNAME ghs.google.com. >> ghs.google.com. 21599 IN CNAME ghs.l.google.com. >> ghs.l.google.com. 299 IN A 64.233.176.121 >> >> snapchat seems to be doing just fine on 'google cloud services' though? oh: >> >> ;; ANSWER SECTION: >> www.snapchat.com. 3388 IN CNAME ghs.google.com. >> ghs.google.com. 21599 IN CNAME ghs.l.google.com. >> ghs.l.google.com. 299 IN AAAA 2607:f8b0:4002:c06::79 >> >> ha! > > Try https://snapchat.com and see if you ever get an IPv6 connection... Yes an
;; QUESTION SECTION: ;snapchat.com. IN AAAA there is no AAAA for the bare domain... and the bare domain appears to be served from amazon space (54.192.48.27) ~$ openssl s_client -connect snapchat.com:443 CONNECTED(00000003) 139892295607968:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:770: aside from that .... no https listener. Your wang shots are not worth encrypting I suppose? application aware proxy can hack some services into appearing to work, but they really fail the service customer because a site may appear to be up over IPv6 until the user switches to https, then having to switch to IPv4 end up appearing dead because IPv4 routing is having a bad hair day. > > >
