Thoughts about ipv6 white listing
leen at consolejunkie.net
Sat Dec 4 22:24:22 CET 2010
>> How is this different from just publish both A and AAAA ?
> The v6 server *will* publish both A and AAAA
> The v4 server will publish only A
> The reason is that if a request arrives via IPv4, I cannot be sure of the state of the requestor behind that request. If an AAAA record request arrives by v6, at least I know that both the client *and* the dns server have v6 and if the server can reach me, most likely the client can too because both are on the same network. Again, this isn’t a website. This is a client/server application and the client does not live on a PC.
You don't know if the client has IPv6-connectivity, you just know the
client initiates AAAA-queries. Their really is a big difference here.
More information about the ipv6-ops