Please, talk me down.
nanog at jima.tk
Wed Oct 17 03:59:32 UTC 2012
On 2012-10-16 21:35, Joseph Anthony Pasquale Holsten wrote:
> I want to like IPv6. I do. But I'm seriously considering turning off IPv6 support from our servers.
> First off, I'm using djbdns internally and it doesn't support AAAA records. So we really aren't using it internally.
It sounds like this is a djbdns problem, not an IPv6 problem.
FWIW, DJB's public take on IPv6 can be found here:
http://cr.yp.to/djbdns/ipv6mess.html . Judging by the lack of updates
in the past 10 years (OK, 10 years next month), I'm not certain whether
his position has changed. (Granted, some of the ten-year-old facts
have, so who knows.) Personally, I didn't agree with his perspective at
the time, and I feel it's only gotten less valid over time.
> But today I noticed that we have a lot of traffic to our DNS cache, and started to investigate. Turns out that every DNS request would start with one for the AAAA record. Ah, no luck. Maybe you forgot the search domain? Let's retry that DNS request with that tacked on. Failed again? Meanwhile, lets simultaneously try for the AA record then. Repeat.
Are 2x the queries -- in exchange for future-proofing the network --
coming that close to overloading your DNS cache? You may want to
re-evaluate the scalability of your cache.
Or replace your DNS cache with something maintained in the last decade
(I thought I was exaggerating, but the last changelog in 1.05 is
20010211), and deploy all your internal assets on IPv6 -- thus reducing
the query load AND getting your systems ready for the future.
> I'm _this_ close to turning IPv6 off entirely. Anyone want to talk me off this ledge?
Go right ahead. But first, what company is this, so the rest of us
can know to avoid doing business? ;-)
More information about the NANOG