To:
dnsop@cafax.se
From:
"D. J. Bernstein" <djb@cr.yp.to>
Date:
17 Jul 2003 18:31:31 -0000
Automatic-Legal-Notices:
See http://cr.yp.to/mailcopyright.html.
Content-Disposition:
inline
Sender:
owner-dnsop@cafax.se
Subject:
Re: regarding the respsize draft: preferring glue of certain types
Mohsen Souissi writes: > As far as I know, even if some root servers already run IPv6, their > IPv6 address is not present in the root zone The resolver is configured with the addresses of the root DNS servers, or of servers that know the root addresses. There are two possibilities at this point: (1) The resolver can't reach IPv6 addresses. This means that the initial addresses have to be A---otherwise they _do not work_. Similarly, all the subsequent DNS server addresses used by that resolver have to be A---otherwise they _do not work_. (2) The resolver can reach IPv6 addresses. In this case, if a DNS server supports both IPv4 and IPv6, why would the resolver be interested in the DNS server's IPv4 address? What's the benefit? The rule I'm suggesting is ``In a delegation, if a child server has only A records, provide those records; if it has only AAAA records, provide those records; if it has both, provide A to clients that asked through IPv4, AAAA to clients that asked through IPv6.'' The records that I'm eliminating are the same ones that Vixie was talking about eliminating. The difference is that he'd provide them if they fit into 512 bytes (which they don't, for the high-level servers), while I would never provide them. The existing AAAA protocol would seem to require them in all circumstances (forcing truncation and TCP for the high-level servers), which is clearly a mistake. Let me emphasize that we are talking about _delegations_. These are DNS server addresses used by the resolver. They are not web server addresses passed through the resolver to browsers with varying connectivity. ---D. J. Bernstein, Associate Professor, Department of Mathematics, Statistics, and Computer Science, University of Illinois at Chicago #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.