[nsd-users] Should DNS servers communicate with IPv6 only DNS server
Måns Nilsson
mansaxel at besserwisser.org
Fri Dec 4 10:35:53 UTC 2020
Subject: [nsd-users] Should DNS servers communicate with IPv6 only DNS server Date: Fri, Dec 04, 2020 at 05:47:50PM +0800 Quoting Vladimir Lomov via nsd-users (nsd-users at lists.nlnetlabs.nl):
>
> I know this is not NSD specific question but could someone on the list give me
> a hint or link to some document(s) (may be RFC) that describes common practice
> about server communitations? How should DNS server communitate with other
> (authoritative) DNS server: by using only IPv4 or use both IPv4 and IPv6
> addresses? Should I report to DNS providers that they DNS server (resolver?)
> doesn't contact authoritative DNS server by IPv6 or simply avoid to use such
> DNS providers?
( I think a v6-only server, today, is of limited albeit growing
usefulness, in and of itself. As a member in the NS RRSET for
a domain, where the aggregate is dual-stack, yes, then it is a
good addition.)
As to resolver behaviour, I would argue that dual-stack is very desirable
in a resolver, more so than in a namne server, which of course depends on
it being a SPOF for the client until timeout kicks in. And consequently,
I think that a full-service resolver should use all available means to
reach its data sources.
Regarding "reporting", well, you could ask them why they've not dual-stacked
their outgoing queries, and point to RFC 6540.
Related to that, I strongly argue that "resolver providers" are a less
than optimal centralisation of something that is best done at the network
edge. I would encourage every so capable entity to operate their own
validating resolver, as close to the clients as feasible, and do away
with the dependency on a datamining bigco.
Regards,
--
Måns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE SA0XLR +46 705 989668
DIDI ... is that a MARTIAN name, or, are we in ISRAEL?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20201204/cd5422fe/attachment.bin>
More information about the nsd-users
mailing list