Have we been opted out of IPv6 AAAA resolution?
Shumon Huque
shuque at upenn.edu
Wed Jun 6 14:26:11 CEST 2012
Same here (University of Pennsylvania) for google. And it's
only our primary resolver that isn't receiving AAAA. The
others are fine.
No issues seeing AAAA for Facebook, Netflix, Bing, and others ..
Who at google did you write to? I'm assuming dns-admin.google.com?
--Shumon.
On Wed, Jun 06, 2012 at 01:54:04PM +0200, Bernhard Schmidt wrote:
> Am 06.06.2012 13:38, schrieb Phil Mayers:
>
> Hey Phil,
>
> we do have a similar problem on one of our resolvers. We do have AAAA
> for Facebook and Yahoo, but lost AAAA for Google/Youtube yesterday and
> never got Bing.
>
> I wrote Google and they told me that they saw IPv6 connectivity issues
> from clients using that resolver and are thus not delivering AAAA
> anymore. I'm still waiting for exact data, since we have been
> whitelisted since year 1 and I don't see any tickets around about
> connectivity issues. And, same as for you, almost all our services are
> IPv6-enabled, so people with broken IPv6 won't have much fun.
>
> Best Regards,
> Bernhard
>
> > Odd result today. We noticed that our recursive resolvers are not
> > returning AAAA for www.google.com and www.facebook.com. Facebook was
> > most certainly working earlier in the week (they seemed to serve a AAAA
> > earlier than anyone else).
> >
> > Further investigation using "dig @theremotedns" shows that other servers
> > at our site are able to see AAAA, but our recursive DNS servers are not;
> > that is, I don't think it is our DNS software.
> >
> > It seems that the IP addresses of our DNS servers have made it into some
> > kind of blacklist / greylist that is common to Google, Facebook and
> > others. Indeed, I can confirm this by adding another IP alias to the box
> > and using "dig -b":
> >
> > [root at rdns1 ~]# dig +short -b 155.198.62.111 @glb1.facebook.com.
> > www.facebook.com aaaa
> > 2a03:2880:2110:3f03:face:b00c::
> > [root at rdns1 ~]#
> >
> > [root at rdns1 ~]# dig +short -b 155.198.62.11 @glb1.facebook.com.
> > www.facebook.com aaaa
> > [root at rdns1 ~]#
> >
> > I can't really imagine what's happening, unless the "big 5" (Google,
> > Yahoo, Facebook, Bing, Youtube) are sharing some kind of automated data
> > source, and for some reason that source believes we have "brokenness"
> > (which we don't; our own website and email service are IPv6-enabled!)
--
Shumon Huque
University of Pennsylvania.
More information about the ipv6-ops
mailing list