Thoughts about ipv6 white listing

Gert Doering gert at
Sat Dec 4 16:26:20 CET 2010


On Sat, Dec 04, 2010 at 03:36:14AM -0800, George Bonser wrote:
> If an AAAA record request arrives by v6, at least I know that both 
> the client *and* the dns server have v6 

This seems to be the fundamental mistake.

If an AAAA request arrives by v6, all you know is "the client asked for
AAAA, and the recursor has v6".

You don't know *anything* about the availability and/or brokenness of
v6 at the client end.

Gert Doering
        -- NetMaster
did you enable IPv6 on something today...?

SpaceNet AG                        Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14          Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                   HRB: 136055 (AG Muenchen)
Tel: +49 (89) 32356-444            USt-IdNr.: DE813185279

More information about the ipv6-ops mailing list