Re: regarding the respsize draft: preferring glue of certain types

["D. J. Bernstein" <djb@cr.yp.to>]

Mohsen Souissi writes:
> As far as I know, even if some root servers already run IPv6, their
> IPv6 address is not present in the root zone

The resolver is configured with the addresses of the root DNS servers,
or of servers that know the root addresses. There are two possibilities
at this point:

   (1) The resolver can't reach IPv6 addresses. This means that the
       initial addresses have to be A---otherwise they _do not work_.
       Similarly, all the subsequent DNS server addresses used by that
       resolver have to be A---otherwise they _do not work_.

   (2) The resolver can reach IPv6 addresses. In this case, if a DNS
       server supports both IPv4 and IPv6, why would the resolver be
       interested in the DNS server's IPv4 address? What's the benefit?

The rule I'm suggesting is ``In a delegation, if a child server has only
A records, provide those records; if it has only AAAA records, provide
those records; if it has both, provide A to clients that asked through
IPv4, AAAA to clients that asked through IPv6.''

The records that I'm eliminating are the same ones that Vixie was
talking about eliminating. The difference is that he'd provide them if
they fit into 512 bytes (which they don't, for the high-level servers),
while I would never provide them. The existing AAAA protocol would seem
to require them in all circumstances (forcing truncation and TCP for the
high-level servers), which is clearly a mistake.

Let me emphasize that we are talking about _delegations_. These are DNS
server addresses used by the resolver. They are not web server addresses
passed through the resolver to browsers with varying connectivity.

---D. J. Bernstein, Associate Professor, Department of Mathematics,
Statistics, and Computer Science, University of Illinois at Chicago
#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.