sixxs domain name servers are not reachable via IPv6
Shadow Hawkins on Friday, 21 March 2008 14:53:49
I've been trying to use the IPv6 gateway on my IPv6 only machine which runs its own independent nameserver with only ipv6 root name servers as start point for dns resolution.
Unfortunately, the sixxs.net domain is only hosted by nameservers that have IPv4 addresses. Since we now have root nameservers on IPv6, would it be possible to also add a IPv6 nameserver ?
sixxs domain name servers are not reachable via IPv6
Shadow Hawkins on Friday, 21 March 2008 20:19:22
sixxs.net does have IPv6 servers; but "net." doesn't have IPv6 glue for all of their servers, and so the chain fails if the "wrong" server is choosen:
if I do a:
dig -6 +trace www.sixxs.net
(so, forcing use of IPv6 only), sometimes it finishes the whole path,
sometimes it fails with "no address" for some DNS server in the way.
eg:
[root@chanae ~]# dig -6 +trace www.sixxs.net
(...)
net. 172800 IN NS f.gtld-servers.net.
;; Received 488 bytes from 2001:7fd::1#53(K.ROOT-SERVERS.NET) in 140 ms
(...)
dig: couldn't get address for 'f.gtld-servers.net': not found
f.gtld-servers.net (server for "net") doesn't have an IPv6 address...
but some times it works:
[root@chanae ~]# dig -6 +trace www.sixxs.net
(...)
net. 172800 IN NS b.gtld-servers.net.
;; Received 488 bytes from 2001:7fd::1#53(K.ROOT-SERVERS.NET) in 39 ms
(...)
sixxs.net. 172800 IN NS ns1.sixxs.net.
sixxs.net. 172800 IN NS ns2.sixxs.net.
sixxs.net. 172800 IN NS ns3.sixxs.net.
;; Received 133 bytes from 2001:503:231d::2:30#53(b.gtld-servers.net) in 124 ms
www.sixxs.net. 300 IN CNAME noc.sixxs.net.
(...)
;; Received 251 bytes from 2001:838:1:1:210:dcff:fe20:7c7c#53(ns1.sixxs.net) in 34 ms
b.gtld-servers.net (another server for "net") does have an IPv6 address; as well as ns1.sixxs.net
It seems a bug in the algorithm to take a random server among a pool, they seem to be choosen regardless of the protocol, for IPv6 only clients it's a problem (and will be for IPv4 only clients when IPv6-only DNS will start to appear)
sixxs domain name servers are not reachable via IPv6
Jeroen Massar on Saturday, 22 March 2008 14:52:34
The "IPv6 Gateway" aka *.sixxs.org falls under .org, and .org doesn't support IPv6 glue. sixxs.net, under which the nameservers for sixxs.org etc are does support IPv6 Glue, but unfortunately, Joker.com where the domain is registered, doesn't support adding this glue. As such, until that is resolved, no cigar.
It is totally useless anyway to run IPv6-only, as such we really are not going to change domain name registers to get that resolved.
sixxs domain name servers are not reachable via IPv6
Shadow Hawkins on Monday, 21 April 2008 22:55:54
While I understand the argument that from a business standpoint you're not going to change Registrars (personally, this made me switch to GKG.net way back because GoDaddy and Joker wouldn't support IPv6 hosts), I disagree with the logic that "It is totally useless anyway to run IPv6-only."
It depends on what you're doing. For what I do during my personal time, I can run IPv6-only. Everything I do is via IPv6 out to my dual-stack colo-server.
I think service providers should be looking at "best practice" implementations, which to me means if you're offering IPv6 access, you should also do everything possible to make IPv6 access work without IPv4. I would suggestion a move the DNS for IPv6 services to a zone that is fully IPv6 functional (Registrar, TLD, etc.).
Sure, we've got IPv4 to live with for some time to come, but if we plan ahead and made IPv6 work end to end now (especially for testing), I think it'll prevent more speedbumps later on.
Further, if "the little guy" can't get his service provider to push their upstream service provider (SixXS pushing Joker) to add IPv6, it's going to take that much longer to get any sort of critical mass going. Everyone will continue to say, "IPv6 isn't ready," when all these shortcoming aren't and won't be dealt with.
Just my two cents.
sixxs domain name servers are not reachable via IPv6
Shadow Hawkins on Tuesday, 03 June 2008 23:46:39
In doing some more testing of my own, I've found that even if you have a domain and/or Registrar doesn't support IPv6 glue (say .ORG, or GoDaddy), you can get around this by using an additional domain and Registrar that does support IPv6 glue (such as .NET and GKG) and create IPv6 dns glue there.
Once you have this, you can use the DNS host with the any domain, and have IPv6-only resolvers be able to find your glue and find your other domains records.
I propose SixXS register FICTIONAL-DOMAIN-IPV6-SIXXS.net with GKG and create IPv6 DNS glue there (IPv4 glue as well, if you like, but it's not required). Then add this DNS host (ns6.FICTIONAL-DOMAIN-IPV6-SIXXS.net) to the sixxs.net and sixxs.org NS list.
sixxs domain name servers are not reachable via IPv6
Jeroen Massar on Tuesday, 10 June 2008 09:06:42
Won't happen. We are just going to await Joker to add AAAA glue support and then we are going to provide it there.
Do remind yourself that SixXS is primarily an IPv4 to IPv6 access provider, people thus have IPv4 as a requirement to actually being able to use the Tunnelbroker.
As such 99% of the people accessing SixXS and for that matter 99%++ of the Internet population most likely have IPv4 connectivity and thus are able to reach the IPv4 edition of the nameservers perfectly fine. Thus, why then start introducing all kinds of weird setups to overcome the 1% of people who want to be
IPv6 is a transition which will take years and years and years, it is not a flag day. If you are trying to run IPv6-only today and you do not have any transition mechanisms in place to talk to the IPv4 world, then you are not connected to the Internet, thus then you can't reach the SixXS sites anyway, thus what would be the point?
sixxs domain name servers are not reachable via IPv6
Jeroen Massar on Sunday, 15 June 2008 11:30:29
Now they are reachable fully over IPv6
Which I guess explains why we where not even thinking of going through all kinds of strange setups or changing registrars, as it was only a little bit away to get it done. Thanks to Joker of course to make this possible for everybody.
sixxs domain name servers are not reachable via IPv6
Shadow Hawkins on Monday, 16 June 2008 20:54:10
Ok, it's great that SixXS.NET NS are now reachable via IPv6. Forward DNS works great now for IPv6!
One problem I see with the Your.ORG pop is that it too has this IPv6 DNS Glue problem. Your.ORG has no IPv6 NS listed at its Registrar and neither in its own nameserver Your.ORG zone.
This breaks PTR records for the netblocks assigned out of this pop. ARIN points the netblock ip6.arpa assignment to ns[1|2|3|4].your.org which only has IPv4 listings. Your.ORG just points the delegation on to SixXS.net (which now has IPv6 glue), but without the Your.org hop being fixed it still leaves reverse DNS broken for an IPv6-only nameserver.
I don't have any other /48s from any other POPs, so I cannot check. Can you confirm if there are other US-based POPs that do have IPv6-enabled NS?
sixxs domain name servers are not reachable via IPv6
Jeroen Massar on Wednesday, 18 June 2008 20:54:11
Tag [/link] is not closed Posting is only allowed when you are logged in. |