I think this discussion is mostly way out of scope here, so I'll try to resist continuing on-list except for the last part about the actual discovery..
On Sat, 17 Apr 2004, Iljitsch van Beijnum wrote: > > I don't think this is correct. It gives you v6 for services which > > would only be available (or working correctly) using v6. > > Since there are no services that are inherently only possible over > IPv6, the existence of services that are only available over IPv6 means > that someone is running (effectively) IPv6-only. If they were fully > dual-stack then the service would also be available over IPv4. So > usefulness of IPv6 == usefulness of IPv6-only. Wrong. Think of applications which are much simpler with IPv6, or cannot be done easily with IPv4. Such as apps that would need NAT traversal but plugging them to the current client-server model which is used to work around the NAT traversal requirement is not feasible. Pretty much everything can be plugged to v4 with a lot of effort. But at some point someone might actually figure out that doing that makes no sense. > > One could > > imagine a large number of p2p or similar applications falling under > > that category. Remember, our goal is not to deploy IPv6 so that we > > could surf the web using v6... > > Our goal also isn't running IPv6 + IPv4 w/NAT for all eternity. Of course not. > In a > large network, having to run IPv4 everywhere just for the DNS is NOT > cool, as this means having DHCP servers, worrying about subnet sizes > and everything else. If we needed to design v6-only systems, I don't think DNS discovery is coming even close to top of the list of problems we'd need to solve. > In an environment where the set of applications is > limited (I for one only need SSH and HTTP 98% of the time) running > v6-only internally and use proxying to talk to the v4 world is rapidly > becoming an interesting option. And for the rest, 2%? That's the gritty part here. (As well as deploying the infrastructure for the proxies etc.) > > You've probably seent his already, but have a peek at: > > > http://www.cs.utk.edu/~moore/opinions/ipv6/dubious-assumptions.html > > I'd be happy to swap IPv6 deployment scenarios some time, and mine are > slightly different than Keith's. But it's not all that relevant. In > order to be really useful, IPv6 needs to be able to function regardless > of the IPv4 status du jour. Example: a couple of RIPE meetings ago they > had lots of troubles with the DHCP server. Now I was happily logged in > to my server over SSH and tunneling email back and forth, but I was > completely unable to access any web pages, even the ones on my own box, > because I couldn't access the DNS: I had no IPv4 address, and MacOS > didn't support DNS transport over IPv6 at that time. Now if I can run > into this kind of trouble without actively looking for it, how are the > chances that something similar will happen at times to the ontold > millions whom IPv6 will be bestowed upon in the future? Sure, this will happen. But it will be no worse to the mainstream use as IPv4 won't work in any case, so there's little difference. Those who wish to truly avoid v4 are the early deployers in any case, may have had the DNS resolvers configured manually, using DHCPv6-lite, some other mechanism, etc. I'm not arguing that we should delay or avoid specifying DNS discovery; I'm just saying that it isn't our top priority, and folks who think it is are probably thinking of IPv6 deployment in different kind of terms. > >> it is imperative that we make it possible to run > >> IPv6-only, as this is the ultimate goal. Implementations that require > >> IPv4 for critical functions, even if it's only for a small set of such > >> functions, are useless in the long run. > > > Depends on how long run that will be. If you expect a node to be > > deployed for 10 years, probably yes. If it gets replaced or upgraded > > in 3 years, there's little chance of IPv4 going away during that time. > > It's not a question of going away. And how many people are still > running Windows 98? Or even 95 for that matter? Old stuff just doesn't > go away. Such old stuff (of today, say Windows 2003) is very unlikely even supposed to function properly in IPv6-only operation. There's always some old stuff around, but people who aren't switching away from that old stuff aren't expecting the old stuff to function except in the set-ups which have been stable for a long time. > > There will be no IETF last call as this is going for Informational, so > > if you really think the text is unjustified (given above), please > > state it now (and if possible, suggest alternative that would be more > > in line with the earlier context..) > > I suggested: > > > Note that in the absense of DNS resolvers reachable over IPv6, either > > due to failed discovery and/or lack of configuration, DNS resolvers > > reachable over IPv4 may be used, if available. > > Is there anything wrong with this? I think this captures what we want > implementors to do fairly well. We want them to implement whatever DNS > discovery we come up with, but if they don't they should at least make > it possible to configure IPv6 addresses for DNS resolvers manually. > However, if (they didn't implement the discovery mechanism or no IPv6 > resolvers were found) and no IPv6 resolvers were configured, IPv4 > resolvers can be used. This document is not meant as a lever that can be used to show the vendors, "see, we need IPv6 DNS discovery!"; we need truth-in-advertising and the earlier statement is fully correct here: Note that IPv6 DNS resolver discovery is not required for dual-stack nodes in dual-stack networks as IPv6 DNS records can be queried over IPv4 as well as IPv6. Teasing apart two major points: 1) DNS resolver discovery is not *required* (in specific scenarios), but it does not hurt either. 2) you can only omit DNS resolver discovery if you're in a dual stack network and you're a dual stack node (if you have v6-only scenario in mind, you need it in any case). In other words, this says "In specific, common scenarios, IPv6 DNS resolver discovery is not required", while your suggestion says "If DNS resolver discovery doesn't work or doesn't exist, you can fall back to v4 as well if that works for you". The former is IMHO much more accurate, but I think the "required" part could be expanded to include a recommendation as well, like: Note that even though IPv6 DNS resolver discovery is a recommended procedure, it is not required for dual-stack nodes in dual-stack networks as IPv6 DNS records can be queried over IPv4 as well as IPv6. Would that alleviate your concern? -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
