single dns query for A and AAAA

Tassos Chatzithomaoglou achatz at forthnetgroup.gr
Mon Feb 18 22:49:34 CET 2013


Hi all,

I wanted to share with you the following...

I'm getting strange results from a DNS server when being queried through an F5 vpn
connection, resulting in "AAAA" queries/responses being delayed, which in turn leads to
unjustified IPv4 preference. "A" queries/responses are also a bit delayed in comparison to
executing them outside of the vpn, but this extra time isn't justified by the extra
processing and/or hops introduced by the vpn. So I'm guessing something strange is
happening within the vpn.
When the DNS server is being queried without using the vpn connection, then both types of
queries/responses show similar/expected timing behavior and IPv6 preference is always
happening as expected.
Communication with the DNS server is happening solely over IPv4 and IPv6 connectivity (for
other destinations) is working fine.

Trying to troubleshoot and possibly overcome the above, I did a quick search about sending
a single query with both "A" & "AAAA" types, but I didn't find anything feasible. Instead
I found various expired drafts proposing similar solutions (draft-ietf-dnsext-edns1,
draft-sajitha-dnsext-qtype-addr, draft-bellis-dnsext-multi-qtypes), but until now I
haven't seen any dns client/server supporting this behavior (without issues).

So, I was wondering if anyone has compared the following two scenarios in terms of speed,
performance and IPv4v6/IPv4 preference:

2 simultaneous dns queries (a & aaaa)
1 single dns query (any)

I'm almost 100% sure that the "any" query will be too heavy for many domains (esp with
DNSSEC), but I was thinking that it somehow guarantees equal treatment on the dns
processing and leaves IPv4/IPv6 preference to the actual network.
It's like you have two trekkers getting ready to begin an exploration, but one of them is
getting the coordinates of the destination point earlier than the other.

Last but not least...
Q1: Is there an easy 'non-standard' way to configure a BIND dns server to always include A
& AAAA in responses, although being queried only for A? I need that for testing.
Q2: Is there a way to change the behavior in Win7 and send the AAAA query before the A
query or is it browser specific?
Q3: Are there any known plans to introduce a new query type solely for A and AAAA? Neither
dnsext nor dnsop returned anything.

-- 
Tassos
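
To measure the first scenario described above, this added example (not part of the original post) sends an A and an AAAA query to a resolver at the same moment over UDP/IPv4 and records each response time, so a delay specific to AAAA shows up per round. The resolver address 192.0.2.53, the name example.com and all function names are assumptions for illustration.

```python
import secrets, socket, struct, time
from concurrent.futures import ThreadPoolExecutor

QTYPE = {"A": 1, "AAAA": 28}

def build_query(name, qtype, txid=None):
    """Return (txid, wire-format DNS query) with one question and RD set."""
    txid = secrets.randbits(16) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return txid, header + qname + struct.pack("!HH", QTYPE[qtype], 1)

def parse_header(msg):
    """Return (txid, rcode, ancount) from a DNS response header."""
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return txid, flags & 0x000F, ancount

def timed_query(server, name, qtype, timeout=3.0, port=53):
    """Send one query over UDP/IPv4; return (qtype, seconds, rcode, ancount)."""
    txid, pkt = build_query(name, qtype)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, port))
        start = time.perf_counter()
        s.send(pkt)
        try:
            while True:  # skip short or stray datagrams with another ID
                msg = s.recv(4096)
                if len(msg) >= 12 and parse_header(msg)[0] == txid:
                    _, rcode, ancount = parse_header(msg)
                    return qtype, time.perf_counter() - start, rcode, ancount
        except socket.timeout:
            return qtype, None, None, None

def compare(server, name, rounds=10):
    """Fire A and AAAA together each round; return latencies per type."""
    results = {"A": [], "AAAA": []}
    with ThreadPoolExecutor(max_workers=2) as pool:
        for _ in range(rounds):
            for qtype, secs, _rc, _an in pool.map(
                    lambda t: timed_query(server, name, t), ("A", "AAAA")):
                results[qtype].append(secs)
    return results

if __name__ == "__main__":
    # Placeholder resolver and name; substitute the resolver under test.
    for qtype, samples in compare("192.0.2.53", "example.com", 5).items():
        print(qtype, ["timeout" if s is None else f"{s*1000:.1f} ms" for s in samples])
```

Running it once through the vpn and once outside it, against the same resolver and name, gives directly comparable A and AAAA timings.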


