[nycbug-talk] [Miles Nordin] IPv6 problems with your DNS servers

Sujit Karataparambil sjt.kar at gmail.com
Wed Dec 3 00:32:07 EST 2008


Looks like you will have to dig into bind manual.

This is an extract of how the IPV6 Routing is being Carried Out.
http://www.isi.edu/~bmanning/v6DNS.html

Looks like it is an problem with the IPV6 and IPV4 being simulatneously
Being used.

This will require an quad-A DNS Lookup.Supported only on few softwares.

Thanks,
Sujit


On 12/3/08, Miles Nordin <carton at ivy.net> wrote:
> :(
>
>
>
> ---------- Forwarded message ----------
> From: Miles Nordin <carton at castrovalva.Ivy.NET>
> To: domain at facebook.com
> Date: Wed, 03 Dec 2008 00:03:32 -0500
> Subject: IPv6 problems with your DNS servers
> Your nameservers are broken w.r.t. IPv6 queries, which are sent by
> default on modern operating systems like Mac OS X, if you have an
> IPv6-speaking nameserver, which I do.  Have a look at the typescript
> below.  Your server is timing out on the initial AAAA query.  Since
> you haven't implemented IPv6, you should answer the AAAA query
> immediately with 0 answers so that my resolver can immediately retry
> an A query---see the normal example for laconi.ca, or just open a Mac
> OS X terminal and try 'dig <site.org> aaaa' for any domain except your
> own.
>
> The consequence: sites that have turned up IPv6 find that Facebook
> works extremely slowly.  It's available, at best, 30 seconds out of
> every 45.  In general it's much worse because after you've been idle
> for more than 30 seconds, the site freezes for 15 seconds.
>
> This is not merely an issue of improving things for the small fraction
> of your users that have IPv6.  It's about being a good neighbor on the
> Internet, because v6-broken sites are a significant impediment to IPv6
> adoption.  They make IPv6 harder to roll out because of the painful
> brokenness and slowness, and also encourage a lot of broken
> workarounds inside operating systems and browsers that fix your broken
> site while breaking other sites that have implemented IPv6 properly.
> We've already had problems with one such workaround being slipped into
> Firefox, but AFAICT it was backed out.
>
> TIA for your attention, and best wishes.
>
> -----8<-----
> castrovalva:~$ time dig www.facebook.com aaaa @69.63.176.101
>
> ; <<>> DiG 9.3.1 <<>> www.facebook.com aaaa @69.63.176.101
> ; (1 server found)
> ;; global options:  printcmd
> ;; connection timed out; no servers could be reached
>
> real    0m15.053s
> user    0m0.028s
> sys     0m0.016s
> castrovalva:~$ time dig www.facebook.com a @69.63.176.101
>
> ; <<>> DiG 9.3.1 <<>> www.facebook.com a @69.63.176.101
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36146
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.facebook.com.              IN      A
>
> ;; ANSWER SECTION:
> www.facebook.com.       30      IN      A       69.63.176.143
>
> ;; Query time: 140 msec
> ;; SERVER: 69.63.176.101#53(69.63.176.101)
> ;; WHEN: Tue Dec  2 23:44:28 2008
> ;; MSG SIZE  rcvd: 50
>
>
> real    0m0.184s
> user    0m0.031s
> sys     0m0.014s
> castrovalva:~$
> -----8<-----
>
> -----8<-----
> castrovalva:~$ dig laconi.ca AAAA @209.172.55.139
>
> ; <<>> DiG 9.3.1 <<>> laconi.ca AAAA @209.172.55.139
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18146
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;laconi.ca.                     IN      AAAA
>
> ;; AUTHORITY SECTION:
> laconi.ca.              1800    IN      SOA     ns1.laconi.ca. hostmaster.laconi.ca. 2008100601 28800 7200 2419200 1800
>
> ;; Query time: 53 msec
> ;; SERVER: 209.172.55.139#53(209.172.55.139)
> ;; WHEN: Tue Dec  2 23:57:51 2008
> ;; MSG SIZE  rcvd: 78
>
> castrovalva:~$ dig laconi.ca A @209.172.55.139
>
> ; <<>> DiG 9.3.1 <<>> laconi.ca A @209.172.55.139
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23607
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
>
> ;; QUESTION SECTION:
> ;laconi.ca.                     IN      A
>
> ;; ANSWER SECTION:
> laconi.ca.              1800    IN      A       75.101.228.101
>
> ;; AUTHORITY SECTION:
> laconi.ca.              1800    IN      NS      ns1.twisted4life.com.
> laconi.ca.              1800    IN      NS      ns1.laconi.ca.
>
> ;; ADDITIONAL SECTION:
> ns1.laconi.ca.          1800    IN      A       209.172.55.139
>
> ;; Query time: 68 msec
> ;; SERVER: 209.172.55.139#53(209.172.55.139)
> ;; WHEN: Tue Dec  2 23:58:03 2008
> ;; MSG SIZE  rcvd: 111
>
> -----8<-----
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
>
>



More information about the talk mailing list