DNSSec and GoDaddy and IPv6 (cross-posted)
Frank Bulk
frnkblk at iname.com
Tue Dec 8 00:50:11 CET 2015
Just for the record -- worked with GoDaddy over the last few weeks to find
out why I can't get DS keys added to a zone, onlyv6.com. Their DS-adding
interface (selective and bulk) errors out.
It culminated today with lots of back and forth with the front-line support
(that interfaces, via chat, with the Advanced Technical Support team).
After some red herrings about lack of connected to our nameservers (I had to
send screenshots that I could ping all three nameservers), a concern that a
nameserver didn't have a matching PTR record, and that not all nameservers
were at the same serial number (one was at a slightly older one), it came
down to that they require two working IPv4-enabled nameservers in order to
add a DS key. Having an IPv6-only zone is apparently not acceptable. Kudos
to the two front-line support reps that were professional and did their
level best (though one remarked he had never seen an IP address like that
before).
I suspect that GoDaddy's backend DS validation system has some kind of bug
that prevents contact with an IPv6-only zone.
Anyone know of a registrar that supports both IPv6 and DNSsec?
Frank
More information about the ipv6-ops
mailing list