Question about "proper" way to run v6/v4 website

Gert Doering gert at space.net
Wed May 2 21:38:50 CEST 2007


Hi,

On Tue, May 01, 2007 at 11:05:41PM -0700, Doug Barton wrote:
> frankly, it ain't all that useful. Clever, sure. But right now, 
> running a v6-capable operating system is much more likely to cause you 
> problems than benefit, and running v6-enabled services is guaranteed 
> to cause you more problems than benefit, 

Well, the claim "more problems than benefit" is obviously true - as there
is no direct benefit to be an IPv6 early adoptor.

I challenge the actual *amount* of problems experienced, though.  Our
primary web server (www.space.net) is running dual-stack since April 2002,
and besides issues local to the server (the config management stuff we
used had problems with IPv6) I can't remember having seen any issues.

We have been running lots of our internal servers (Intranet stuff) with
IPv6 in the last years, and all our office network infrastructure - and
while it has given some issues (Apache ACLs as the primary candidate), 
the overall amount of trouble was minimal.

[..]
> Then let's talk about WHY you think it's a bad idea, and more 
> importantly, why you think that what I'm proposing is worse than the 
> standard answer of "throw all the records into the same DNS and let 
> God sort them out." With what I'm proposing, no client gets an AAAA 
> record as an answer unless there is at least v6 involved SOMEWHERE in 
> the chain. 

At the same time, you propose to run "v4-only" recursors (by challenging
the decision to run dual-stack).  So your v6-enabled clients will never
see AAAA records if they happen to query the v4-only recursor - which is
something unavoidable if you use WinXP with IPv6, as XP can't query 
DNS over v6 transport.

The whole idea of tieing the content of the DNS response to the transport
used to get it is an extreme layering violation, and networking folks have
almost always found this to be a bad idea...

> While it is obviously not a panacea (and I did not suggest 
> that it was) I can't help believing that it's an improvement to the 
> status quo. Please demonstrate in concrete terms how I am wrong.

See above.

Gert Doering
        -- NetMaster
-- 
Total number of prefixes smaller than registry allocations:  113403

SpaceNet AG                        Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14          Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                   HRB: 136055 (AG Muenchen)
Tel: +49 (89) 32356-444            USt-IdNr.: DE813185279



More information about the ipv6-ops mailing list