BIND 9 AAAA record problems
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Tue Jun 29 12:04:45 UTC 2004
JINMEI Tatuya / =1B$B?@L at C#:H=1B(B <jinmei at isl.rdc.toshiba.co.jp> wrote:
>>>>>> On Mon, 28 Jun 2004 14:55:32 +0000,=20
>>>>>> "Todd T. Fries" <todd at fries.net> said:
>> Why is it a bad thing to start out with AAAA? Proper getaddrinfo()
>> implementations should query first an AAAA then an A record for names,
>> so that applications can then connect to whatever is appropriate.
>> It is all part of a `seamless' transition to v6 that has started, albi=
et
>> slowly.
>> For whatever it is worth, the libc in OpenBSD behaves this way, and I
>> quite am pleased that it does.
>> It's not a bug, it's a feature ;-)
> In general and in theory, I agree. But we should also note some
> practical issues in the real world. To name a few:
> - there are some misbehaving authoritative servers against AAAA
> queries. See draft-ietf-dnsop-bad-dns-res-02.txt for more details.
> - I've noticed some applications do not implement the proper fallback
> mechanisms from IPv6 to IPv4. Some do not fall back to A queries
> when AAAA queries fail (with "NONAME"). Some do not try to connect
> the IPv4 addresses when the attempt to connect to the IPv6 addresses
> fails. I see mozilla/firefox show this behavior with its internal
> resolver routines.
This might be an area where a configurable resolver would be of
value, when an app asks for AAAA the resolver could be
configured to respond "NXDOMAIN" without even asking a nameserver.
> JINMEI, Tatuya
> Communication Platform Lab.
> Corporate R&D Center, Toshiba Corp.
> jinmei at isl.rdc.toshiba.co.jp
--=20
Peter H=E5kanson =20
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out=
,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list