Please, talk me down.

John Levine johnl at iecc.com
Wed Oct 17 14:25:36 UTC 2012


In article <2801F5F8-B8E2-4A9F-9A89-02D7783CCDA7 at josephholsten.com> you write:
>I want to like IPv6. I do. But I'm seriously considering turning off
>IPv6 support from our servers.
>
>First off, I'm using djbdns internally and it doesn't support AAAA
>records. So we really aren't using it internally.

I'm a long time djbdns user.  But about a year ago, I switched from
using dnscache to unbound for my cache, because it does useful stuff
that dnscache doesn't do.  I had a bunch of wacky local stuff
configured into dnscache, like querying local servers for local-only
domains, and substituting a local reject-all for some nasty outside
domains, and it took about an hour to figure out how to do it all with
unbound.  I run it under daemontools.

My authoritative servers are still tinydns, even though I do support
IPv6.  Since tinydns-data compiles stuff from a text source file, I
have a perl script that translates lines with AAAA records in a normal
format into the escape codes that tinydns uses for arbitrary record
types.  It's gross, but it works.

So anyway, use unbound for your cache, no need to change away from
tinydns unless you want to use DNSSEC, which it'll never support.

-- 
Regards,
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly



More information about the NANOG mailing list