[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


To: Jun-ichiro itojun Hagino <itojun@iijlab.net>
cc: ngtrans@sunroof.eng.sun.com, namedroppers@ops.ietf.org, ipng@sunroof.eng.sun.com, dnsop@cafax.se
From: Robert Elz <kre@munnari.OZ.AU>
Date: Wed, 15 Aug 2001 18:16:22 +0700
In-Reply-To: <20010815085732.742B37BA@starfruit.itojun.org>
Sender: owner-dnsop@cafax.se
Subject: Re: (ngtrans) Joint DNSEXT & NGTRANS summary 

    Date:        Wed, 15 Aug 2001 17:57:32 +0900
    From:        Jun-ichiro itojun Hagino <itojun@iijlab.net>
    Message-ID:  <20010815085732.742B37BA@starfruit.itojun.org>

  | 	(1) A6 chasing is traffic multiplication = DoS possibility (recursive
  | 	    servers),

That has nothing at all to do with AAAA synthesis - it is an argument
against A6 in general, but a very weak one.   A site that wants to
avoid this with A6 can easily avoid it.  A site that wants to create
lots of traffic with lookups can easily create it with AAAA (just add
a few CNAMEs going into other domains...)   A6 adds one more opportunity
for people to configure things badly, but nothing at all new.

  | 	(2) it is unclear as to how will be doing AAAA synthesis, and we cannot
  | 	    ensure that it will happen at the leaf

Who cares?   If someone asks for an AAAA, and gets back an AAAA, then
they're happy right?  If the server provided an A6, was asked for an
A6, and answered with an A6, it is happy, right?  Something between
original (probably stub) resolver and server converted.   Who cares
what it was?

The operators of the resolver might care - for lots of reasons, in which
case they provide the back end resolver that does the synthesis.

  | 	(3) by deploying AAAA synthesis you end up maintaining both A6 and AAAA:

No, exactly the opposite, you end up maintaining A6 only.   The AAAA RR
type remains in use, but that's no work for anyone.

Actual AAAA records remain in zone files only long enough for the current
(small) infrastructure to be mostly upgraded (so that it has back end
resolvers in enough places).  Once a fair proportion has that installed, the
AAAA records simply get yanked from everywhere.  That provides the incentive
for everyone else to install a capable back end.

  | 	(3a) impose lookup delays to IPv6 clients.

No, no delays at all (other than what is involved in the A6 lookup).

  | 	(3b) server admins need to maintain both A6 and AAAA in zoen file,
  | 	     which is unhappy.

No, only A6 records, that's what AAAA synthesis is all about, remember...

kre
Home | Date list | Subject list