IPv6 reverse lookup - lame delegation?

• Previous message (by thread): IPv6 reverse lookup - lame delegation?
• Next message (by thread): IPv6 reverse lookup - lame delegation?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----

Randy Bush wrote:

> >>> if i try to log into my machines back in tokyo by IPv6 SSH, it takes
> >>> very long time.  i guess i found the reason - (possible) lame delegation
> >>> of blah.ip6.int.  ip6.arpa. query returns instantly.
> >>> how could we fix it?
> >> By fixing the software as ip6.int was deprecated 2 years+++
> >> ago as you should already know.
> > for backward compatibility reasons many software do
> > 	query ip6.arpa;
> > 	if (not found)
> > 		query ip6.int;
> > i'm not too sure if we can remove the "query ip6.int" part today.
> 
> if, as you say, there was instant response to the ip6.arpa query,
> then jeroen's response that the software was broken seems even
> more clear.

The piece of software itojun describes is quite common, simply
because it already has taken two years for even getting an RFC
for ip6.arpa reverse for the 6bone. Now all we have to do is
wait for the nameservers to actually appear and not to forget
for them to get populated, 6/6/6 is quite a good estimate I guess ;)

The problem only is that many software implementations only
check ip6.int even though it is has been deprecated, fortunatly
now that the RFC for the 6bone is out some manufacturers have
been implementing ip6.arpa support by basically doing the
simple g/ip6.int/s/ip6.int/ip6.arpa/g over their code.

As the ip6.arpa doesn't exist at all for 6bone space at
the moment he got a correct NXDOMAIN back from those and
what itojun saw then where recursive looping dns servers
which where not authoritive for the reverse thus pointed
back to the root, software retries a number of times
causing the shown delay. (dig +trace is ones friend)

> and i don't believe in 'do-gooder' software that tries to make
> broken things work anyway.  if it succeeds, no one notices and
> says thanks.  if it fails, boy does it look bad.

ip6.int should indeed be gone completely from all software.
It should have been 2 years ago, but due to 6bone not having
ip6.arpa there was kind of a reason not to, but there is now...
If developers start fixing their software it will be enough
time for the NS operators to set the reverses up correctly.

Greets,
 Jeroen

-----BEGIN PGP SIGNATURE-----
Version: Unfix PGP for Outlook Alpha 13 Int.
Comment: Jeroen Massar / http://unfix.org/~jeroen

iQA/AwUBQCkCdymqKFIzPnwjEQITeACgu4fzV0Q9KAhhbck/nyhyh6tPHGMAoIUR
wOMIZoVaOys39hvPR4E18GHj
=++66
-----END PGP SIGNATURE-----

• Previous message (by thread): IPv6 reverse lookup - lame delegation?
• Next message (by thread): IPv6 reverse lookup - lame delegation?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]