Question about "proper" way to run v6/v4 website

Rémi Denis-Courmont rdenis at simphalempin.com
Thu Apr 19 20:51:32 CEST 2007 

Le jeudi 19 avril 2007 21:02, Tim a écrit :
> > Second, IPv4 people with an IPv6-enabled DNS servers would have a
> > big problem (yes, this scenario can happen).
>
> Ok, agreed, but the number of people in this situation is probably
> small, esp given what you say about fewer people using v6 for DNS
> that people running v6 in general.

No. When you deploy IPv6 to a campus network, DNS servers might be among 
the first to get the upgrade. And surely not all desktops will get IPv6 
before the recursive DNS servers, if only because some of them are 
running too old operating systems (which are not that old).

Breaking correct setups to fix broken is extremely bad.

> Well, my assumption is:
>    (IPv6 software && IPv6 DNS) => (IPv6 connectivity)

> Rather than:
>   (IPv6 software) => (IPv6 connectivity)

> The latter of course is your assumption if you just publish A and
> AAAA for a webserver.

No. My assumption is that someone who request AAAA wants to use AAAA. I 
don't know many host DNS resolver with bipolarility syndrom disorder.

You are assuming that IPv6 software always tries to do IPv6. That's 
blatantly wrong. Local dual-stack resolver libraries only try AAAA if 
there is IPv6 connectivity AND the software supports IPv6 AND source 
address selection labels give precedence to IPv6 (which essentially 
means there is *native* IPv6 on both sides).

> However, if you rob someone of connectivity by doing this, you aren't
> ever going to sell management on providing IPv6 as well as IPv4 on
> the same domain name.  In addition, if you use the two-domain hack
> (for "whiners"), then you're just putting up more barriers to a clean
> transition, at least IMHO.

I am not saying the official solution is perfect. What I do say,is your 
hack is worse, because it yields false positives and false negatives 
more often. It also makes it more difficult for people to fix their 
problems, since you are moving the "decision logic" to your side, 
instead of theirs.

It was also already pointed out earlier that HTTP is not exactly the 
main driver for IPv6. There is no added-value to IPv6 there unless you 
are short on IPv4 addresses for your webservers (but then you are badly 
screwed anyway). If I were Google I would start putting it into Gtalk 
rather than the search engine.

-- 
Rémi Denis-Courmont
http://www.remlab.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20070419/cbb395e2/attachment.bin

More information about the ipv6-ops mailing list