Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On Wed, Jun 8, 2011 at 12:15, Schiller, Heather A wrote: > ...yes, there is a serious lack of v6 enabled eyeballs. But it's also > not clear to me from Akamai's stats just how many of the sites they host > are v6 enabled. 2? 12? 500? I remember it being stated that ~40 of their customers would participate in Wv6 Day, but I obviously don't speak for Akamai and I can't find a pointer to that info now... ~Chris > > --heather > > -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.theIPv6experts.net www.coisoc.org
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On Jun 15, 2011, at 12:32 PM, Jeroen van Aart wrote: > Seth Mattinen wrote: >> listen-on-v6 { any; }; > > Yeah that's what I did. But I keep reading about how these big name companies > messed it up in some subtle or not so subtle way and I keep thinking I must > have missed something. Because surely those big companies can't find it that > difficult, can they? :-) > Well... You may also need to put IPv6 glue records into the upstream DNS servers, depending on whether your nameservers live within the same zone or not. Owen
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On Thu, Jun 16, 2011 at 08:05:14AM +1000, Mark Andrews wrote: > You tell named to listen on IPv6 (listen-on-v6). It already uses IPv6 > to make queries unless you turned it off on the command line with "named -4". > To go IPv6 only on a dual stack machine use "named -6". > You add records to the zones for the nameservers. > You update your glue records in the parent zone to include records > as well as A records. > You add IPv6 address to resolv.conf or equivalent (DHCPv6, the new RA option). > > You can mark non-local ula's as bogus and your one local ulas as good in > named.conf. And you check all your ACLs and TSIG server definitions etc. because suddenly zone transfers, DNS UPDATEs and other stuff (rndc!) might magically use IPv6 and don't match your ACLs etc. anymore. Best regards, Daniel -- CLUE-RIPE -- Jabber: d...@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
In message <4df91ab3.6020...@mompl.net>, Jeroen van Aart writes: > Leo Bicknell wrote: > > but it all doesn't matter because the network team hadn't actually > > made IPv6 work yet as there was no business case. > > Ahhh, ok, well at least I know I did it right the first time. > > > No, I'm not cynical. :) > > It probably reflects daily practice for many big organisations, sadly. > Luckily I can configure dns, firewall/routing and (ipv6) networking > myself, so no need of passing along spreadsheets (besides I really hate > spreadsheets). > > Seth Mattinen wrote: > > I can send you a copy of my config offlist if you'd like; there's really > > nothing to it and it's been going along fine for as long as I can > > That won't be necessary, thanks. I think I have configured it correctly > and created the correct IPv6 records. Just wanted to make sure. > > Greetings, > Jeroen > > > -- > http://goldmark.org/jeff/stupid-disclaimers/ > http://linuxmafia.com/~rick/faq/plural-of-virus.html > You tell named to listen on IPv6 (listen-on-v6). It already uses IPv6 to make queries unless you turned it off on the command line with "named -4". To go IPv6 only on a dual stack machine use "named -6". You add records to the zones for the nameservers. You update your glue records in the parent zone to include records as well as A records. You add IPv6 address to resolv.conf or equivalent (DHCPv6, the new RA option). You can mark non-local ula's as bogus and your one local ulas as good in named.conf. servers fc00::/7 { bogus yes; }; servers fdxx::::/48 { bogus no; }; If you are only using IPv6 internally servers ::/0 { bogus yes; }; servers { bogus no; }; You should also be doing this at the routing level. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
Leo Bicknell wrote: but it all doesn't matter because the network team hadn't actually made IPv6 work yet as there was no business case. Ahhh, ok, well at least I know I did it right the first time. No, I'm not cynical. :) It probably reflects daily practice for many big organisations, sadly. Luckily I can configure dns, firewall/routing and (ipv6) networking myself, so no need of passing along spreadsheets (besides I really hate spreadsheets). Seth Mattinen wrote: > I can send you a copy of my config offlist if you'd like; there's really > nothing to it and it's been going along fine for as long as I can That won't be necessary, thanks. I think I have configured it correctly and created the correct IPv6 records. Just wanted to make sure. Greetings, Jeroen -- http://goldmark.org/jeff/stupid-disclaimers/ http://linuxmafia.com/~rick/faq/plural-of-virus.html
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
In a message written on Wed, Jun 15, 2011 at 12:32:09PM -0700, Jeroen van Aart wrote: > Seth Mattinen wrote: > >listen-on-v6 { any; }; > > Yeah that's what I did. But I keep reading about how these big name > companies messed it up in some subtle or not so subtle way and I keep > thinking I must have missed something. Because surely those big > companies can't find it that difficult, can they? :-) But you see, those big companies didn't have a place in the Excel spreadsheet for DNS changes to indicate an IPv6 address, so the DNS team couldn't submit the right information to the Firewall team, but it all doesn't matter because the network team hadn't actually made IPv6 work yet as there was no business case. No, I'm not cynical. :) -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ pgp8rtQbLHEZZ.pgp Description: PGP signature
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On 6/15/2011 12:32, Jeroen van Aart wrote: > Seth Mattinen wrote: >> listen-on-v6 { any; }; > > Yeah that's what I did. But I keep reading about how these big name > companies messed it up in some subtle or not so subtle way and I keep > thinking I must have missed something. Because surely those big > companies can't find it that difficult, can they? :-) > >> Simple as that. Indicate individual addresses, if preferred. Or switch >> to a DNS provider that has made this monumental configuration effort. > > I'd rather have the fuzzy warm feeling of accomplishment of IPv6 > enabling my own nameserver. > I can send you a copy of my config offlist if you'd like; there's really nothing to it and it's been going along fine for as long as I can remember. In the simple case of answering on a v6 address I can't see how that could go wrong unless the network it was on had other IPv6 failings. ~Seth
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
Seth Mattinen wrote: listen-on-v6 { any; }; Yeah that's what I did. But I keep reading about how these big name companies messed it up in some subtle or not so subtle way and I keep thinking I must have missed something. Because surely those big companies can't find it that difficult, can they? :-) Simple as that. Indicate individual addresses, if preferred. Or switch to a DNS provider that has made this monumental configuration effort. I'd rather have the fuzzy warm feeling of accomplishment of IPv6 enabling my own nameserver. Thanks, Jeroen -- http://goldmark.org/jeff/stupid-disclaimers/ http://linuxmafia.com/~rick/faq/plural-of-virus.html
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On 6/15/2011 12:14, Jeroen van Aart wrote: > Octavio Alvarez wrote: >> In fact. Although a website of mine worked flawlessly in a dual-stack >> but it did NOT in an IPv6-only environment. Unfortunately, the problem >> has to be fixed in the DNS provider, which though supporting >> records was enough to "support IPv6". > > Why not run your own nameserver if it is your website assuming you own > the domain? > > Out of curiosity, what are the options you need to use to properly > enable bind for IPv6? To me it appears there isn't that much to it, it > almost works out of the box with 1 or 2 things turned on. Then you just > add the appropriate zone files or records. Am I missing something > blatantly obvious that will break it? > listen-on-v6 { any; }; Simple as that. Indicate individual addresses, if preferred. Or switch to a DNS provider that has made this monumental configuration effort. ~Seth
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
Octavio Alvarez wrote: In fact. Although a website of mine worked flawlessly in a dual-stack but it did NOT in an IPv6-only environment. Unfortunately, the problem has to be fixed in the DNS provider, which though supporting records was enough to "support IPv6". Why not run your own nameserver if it is your website assuming you own the domain? Out of curiosity, what are the options you need to use to properly enable bind for IPv6? To me it appears there isn't that much to it, it almost works out of the box with 1 or 2 things turned on. Then you just add the appropriate zone files or records. Am I missing something blatantly obvious that will break it? dig -6 +trace is our friend here. How would you apply this command to determine correct IPv6 resolving? Thanks, Jeroen -- http://goldmark.org/jeff/stupid-disclaimers/ http://linuxmafia.com/~rick/faq/plural-of-virus.html
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On Wed, 08 Jun 2011 02:28:40 -0700, Jeroen Massar wrote: It is really nice that folks where able to put records on their websites for only 24 hours, but they forgot to put in the glue on their nameservers. As such, for the folks testing IPv6-only, a lot of sites will fail unless they use a recursor that does the IPv4 for them. In fact. Although a website of mine worked flawlessly in a dual-stack but it did NOT in an IPv6-only environment. Unfortunately, the problem has to be fixed in the DNS provider, which though supporting records was enough to "support IPv6". dig -6 +trace is our friend here. -- Octavio.
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On Wed, 8 Jun 2011, Jeroen Massar wrote: :: It is really nice that folks where able to put records on their :: websites for only 24 hours, but they forgot to put in the glue on their :: nameservers. :: :: As such, for the folks testing IPv6-only, a lot of sites will fail :: unless they use a recursor that does the IPv4 for them. Speaking strictly for myself, we didn't "forget". First of all, that's not what World IPv6 Day was supposed to be about -- it's not about ipv6-only users, it's about dual-stacking content (if your ISP doesn't have enough ip's to dual-stack their recursive resolvers, you have bigger problems right now :) ).. Also, and more importantly, our data shows that 0.5% of the users can't resolve hostnames if we enabled glue on all resolvers... And, before somebody asks, I don't have any data on what happends if you enable v6-glue to only 1 of your NS's though :) -igor
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
> ...yes, there is a serious lack of v6 enabled eyeballs. But it's also > not clear to me from Akamai's stats just how many of the sites they host > are v6 enabled. 2? 12? 500? True. I'll go back to their site and dig for more detailed info about what those "hits" are actually hitting. Regards Jorge
RE: AAAA on various websites, but they all forgot to enable them on their nameservers....
-Original Message- From: Jorge Amodio [mailto:jmamo...@gmail.com] Sent: Wednesday, June 08, 2011 1:01 PM To: Lucy Lynch Cc: nanog@nanog.org Subject: Re: on various websites, but they all forgot to enable them on their nameservers >>> http://www.mrp.net/IPv6Day.html >> >> The web access column reflects access to internal content or just the >> home page ? > > Mark's notes explain what he tested and clicking on any link shows the > result of his diagnostics: > > http://www.mrp.net//IPv6Day_files/diagnostics/aol.com.html > > guessing he didn't do depth probes. Maybe you want to set something up? Thanks for the follow up. I noticed that the test only looks for the html survey file. Just curious since other folks reported that some content providers are serving the home page via IPv6 but other content goes via IPv4. Still surprised that Akamai's numbers feel very low, 300+ hits per sec (worldwide) for one of the major CDN is not that much IHMO, we really need more IPv6 eye-balls connecting. -J ...yes, there is a serious lack of v6 enabled eyeballs. But it's also not clear to me from Akamai's stats just how many of the sites they host are v6 enabled. 2? 12? 500? --heather
Re:Re: AAAA on various websites, but they all forgot to enable them on their nameservers.. (Jorge Amodio)(Lucy Lynch)
> > > You shouldn't. The matter of the fact is that for al leats 24 hours users > like you and me ... all we can reach the main Webpages for each participant > in the ipv6 day. > > The idea is that this must be all in a transparent manner for the final > users. If you have an IPv6 supported insfrastructure, then you can try > http://ipv6.google.com and feel the "power" of IPv6. > > A HOSTSV6.TXT file is not prepared for today (nor as actually I know). > > The results for this day are expected to be a reference for further IPv6 > deployment and implementation in the near future. > > Best regards xD. > -- > > Message: 1 > Date: Wed, 8 Jun 2011 11:04:42 -0500 > From: Jorge Amodio > Subject: Re: on various websites, but they all forgot to enable >them on their nameservers > To: Daniel Espejel > Cc: nanog@nanog.org > Message-ID: > Content-Type: text/plain; charset=ISO-8859-1 > > > The main objective for today is to access the web services, that's why > you > > can't reach a record for a DNS query for a given NS server. > > So if there are no records from where we ftp6 the HOSTSV6.TXT file ? > > -J > > > > ---------------------- > > Message: 2 > Date: Wed, 8 Jun 2011 09:05:38 -0700 (PDT) > From: Lucy Lynch > Subject: Re: on various websites, but they all forgot to enable >them on their nameservers > To: Daniel Espejel > Cc: nanog@nanog.org > Message-ID: > Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed > > On Wed, 8 Jun 2011, Daniel Espejel wrote: > > > Hi. > > > > The main objective for today is to access the web services, that's why > you > > can't reach a record for a DNS query for a given NS server. > > exactly - this site provides a nice service snapshot: > > http://www.mrp.net/IPv6Day.html > > > > > ; <<>> DiG 9.5.1-P3 <<>> www.google.com > > ;; global options: printcmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40029 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4 > > > > ;; QUESTION SECTION: > > ;www.google.com.IN > > > > ;; ANSWER SECTION: > > www.google.com.532907INCNAMEwww.l.google.com. > > www.l.google.com.150IN2001:4860:4002:802::1010 > > > > ; <<>> DiG 9.5.1-P3 <<>> www.yahoo.com > > ;; global options: printcmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60816 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 2, ADDITIONAL: 2 > > > > ;; QUESTION SECTION: > > ;www.yahoo.com.IN > > > > ;; ANSWER SECTION: > > www.yahoo.com.284INCNAMEfpfd.wa1.b.yahoo.com. > > fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3001 > > fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3001 > > fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3000 > > fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3001 > > fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3000 > > fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3000 > > ; <<>> DiG 9.5.1-P3 <<>> www.facebook.com > > ;; global options: printcmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12079 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 > > > > ;; QUESTION SECTION: > > ;www.facebook.com.IN > > > > ;; ANSWER SECTION: > > www.facebook.com.8IN2620:0:1c00:0:face:b00c:0:1 > > > > > > > > ; <<>> DiG 9.5.1-P3 <<>> www.unam.mx > > ;; global options: printcmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42381 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5 > > > > ;; QUESTION SECTION: > > ;www.unam.mx.IN > > > > ;; ANSWER SECTION: > > www.unam.mx.6031IN > 2001:1218:1:6:d685:64ff:fec4:720b > > > > You see? there's a lot of IPv6 activity since a few weeks ago. xD > > > -- *Daniel Espejel Pérez *
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
>>> http://www.mrp.net/IPv6Day.html >> >> The web access column reflects access to internal content or just the >> home page ? > > Mark's notes explain what he tested and clicking on any link shows > the result of his diagnostics: > > http://www.mrp.net//IPv6Day_files/diagnostics/aol.com.html > > guessing he didn't do depth probes. Maybe you want to set something up? Thanks for the follow up. I noticed that the test only looks for the html survey file. Just curious since other folks reported that some content providers are serving the home page via IPv6 but other content goes via IPv4. Still surprised that Akamai's numbers feel very low, 300+ hits per sec (worldwide) for one of the major CDN is not that much IHMO, we really need more IPv6 eye-balls connecting. -J
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On Wed, 8 Jun 2011, Jorge Amodio wrote: http://www.mrp.net/IPv6Day.html The web access column reflects access to internal content or just the home page ? Mark's notes explain what he tested and clicking on any link shows the result of his diagnostics: http://www.mrp.net//IPv6Day_files/diagnostics/aol.com.html guessing he didn't do depth probes. Maybe you want to set something up? - Lucy -J
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
> http://www.mrp.net/IPv6Day.html The web access column reflects access to internal content or just the home page ? -J
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On Wed, 8 Jun 2011, Daniel Espejel wrote: Hi. The main objective for today is to access the web services, that's why you can't reach a record for a DNS query for a given NS server. exactly - this site provides a nice service snapshot: http://www.mrp.net/IPv6Day.html ; <<>> DiG 9.5.1-P3 <<>> www.google.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40029 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;www.google.com.IN ;; ANSWER SECTION: www.google.com.532907INCNAMEwww.l.google.com. www.l.google.com.150IN2001:4860:4002:802::1010 ; <<>> DiG 9.5.1-P3 <<>> www.yahoo.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60816 ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.yahoo.com.IN ;; ANSWER SECTION: www.yahoo.com.284INCNAMEfpfd.wa1.b.yahoo.com. fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3001 fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3001 fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3000 fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3001 fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3000 fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3000 ; <<>> DiG 9.5.1-P3 <<>> www.facebook.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12079 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.facebook.com.IN ;; ANSWER SECTION: www.facebook.com.8IN2620:0:1c00:0:face:b00c:0:1 ; <<>> DiG 9.5.1-P3 <<>> www.unam.mx ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42381 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5 ;; QUESTION SECTION: ;www.unam.mx.IN ;; ANSWER SECTION: www.unam.mx.6031IN2001:1218:1:6:d685:64ff:fec4:720b You see? there's a lot of IPv6 activity since a few weeks ago. xD ------------------------------ Message: 1 Date: Wed, 08 Jun 2011 11:28:40 +0200 From: Jeroen Massar Subject: on various websites, but they all forgot to enable them on theirnameservers To: nanog Message-ID: <4def40c8.3020...@unfix.org> Content-Type: text/plain; charset=ISO-8859-1 It is really nice that folks where able to put records on their websites for only 24 hours, but they forgot to put in the glue on their nameservers. As such, for the folks testing IPv6-only, a lot of sites will fail unless they use a recursor that does the IPv4 for them. The root is there, .com does it mostly too (well, a+b have IPv6), but most sites don't. Thus maybe that can be done next year on the next IPv6 day? :) At least one step closer, now lets hope that sites also keep that IPv6 address there. Greets, Jeroen -- $ dig @d.gtld-servers.net ns1.google.com ; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.google.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16030 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 4 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;ns1.google.com.IN ;; AUTHORITY SECTION: google.com. 172800 IN NS ns2.google.com. google.com. 172800 IN NS ns1.google.com. google.com. 172800 IN NS ns3.google.com. google.com. 172800 IN NS ns4.google.com. ;; ADDITIONAL SECTION: ns2.google.com. 172800 IN A 216.239.34.10 ns1.google.com. 172800 IN A 216.239.32.10 ns3.google.com. 172800 IN A 216.239.36.10 ns4.google.com. 172800 IN A 216.239.38.10 ;; Query time: 123 msec ;; SERVER: 192.31.80.30#53(192.31.80.30) ;; WHEN: Wed Jun 8 11:26:35 2011 ;; MSG SIZE rcvd: 164 $ dig @d.gtld-servers.net ns1.cisco.com ; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.cisco.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55271 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;ns1.cisco.com. IN ;; AUTHORITY SECTION: cisco.com. 172800 IN NS ns1.c
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
> The main objective for today is to access the web services, that's why you > can't reach a record for a DNS query for a given NS server. So if there are no records from where we ftp6 the HOSTSV6.TXT file ? -J
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
Hi. The main objective for today is to access the web services, that's why you can't reach a record for a DNS query for a given NS server. ; <<>> DiG 9.5.1-P3 <<>> www.google.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40029 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;www.google.com.IN ;; ANSWER SECTION: www.google.com.532907INCNAMEwww.l.google.com. www.l.google.com.150IN2001:4860:4002:802::1010 ; <<>> DiG 9.5.1-P3 <<>> www.yahoo.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60816 ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.yahoo.com.IN ;; ANSWER SECTION: www.yahoo.com.284INCNAMEfpfd.wa1.b.yahoo.com. fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3001 fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3001 fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3000 fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3001 fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3000 fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3000 ; <<>> DiG 9.5.1-P3 <<>> www.facebook.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12079 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.facebook.com.IN ;; ANSWER SECTION: www.facebook.com.8IN2620:0:1c00:0:face:b00c:0:1 ; <<>> DiG 9.5.1-P3 <<>> www.unam.mx ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42381 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5 ;; QUESTION SECTION: ;www.unam.mx.IN ;; ANSWER SECTION: www.unam.mx.6031IN2001:1218:1:6:d685:64ff:fec4:720b You see? there's a lot of IPv6 activity since a few weeks ago. xD ------------------------------ > > Message: 1 > Date: Wed, 08 Jun 2011 11:28:40 +0200 > From: Jeroen Massar > Subject: on various websites, but they all forgot to enable them >on theirnameservers > To: nanog > Message-ID: <4def40c8.3020...@unfix.org> > Content-Type: text/plain; charset=ISO-8859-1 > > It is really nice that folks where able to put records on their > websites for only 24 hours, but they forgot to put in the glue on their > nameservers. > > As such, for the folks testing IPv6-only, a lot of sites will fail > unless they use a recursor that does the IPv4 for them. > > The root is there, .com does it mostly too (well, a+b have IPv6), but > most sites don't. Thus maybe that can be done next year on the next IPv6 > day? :) > > At least one step closer, now lets hope that sites also keep that IPv6 > address there. > > Greets, > Jeroen > > -- > > $ dig @d.gtld-servers.net ns1.google.com > > ; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.google.com > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16030 > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 4 > ;; WARNING: recursion requested but not available > > ;; QUESTION SECTION: > ;ns1.google.com.IN > > ;; AUTHORITY SECTION: > google.com. 172800 IN NS ns2.google.com. > google.com. 172800 IN NS ns1.google.com. > google.com. 172800 IN NS ns3.google.com. > google.com. 172800 IN NS ns4.google.com. > > ;; ADDITIONAL SECTION: > ns2.google.com. 172800 IN A 216.239.34.10 > ns1.google.com. 172800 IN A 216.239.32.10 > ns3.google.com. 172800 IN A 216.239.36.10 > ns4.google.com. 172800 IN A 216.239.38.10 > > ;; Query time: 123 msec > ;; SERVER: 192.31.80.30#53(192.31.80.30) > ;; WHEN: Wed Jun 8 11:26:35 2011 > ;; MSG SIZE rcvd: 164 > > $ dig @d.gtld-servers.net ns1.cisco.com > > ; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.cisco.com > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55271 > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 > ;
RE: AAAA on various websites, but they all forgot to enable them on their nameservers....
Ah...I saw the same thing at 6:01 Central. Lost DNS resolution of ipv6.juniper.net, and couldn't get A or NS records of juniper.net. Had to flush the cache on my DNS servers. Frank -Original Message- From: Daniel Verlouw [mailto:dan...@shunoshu.net] Sent: Wednesday, June 08, 2011 6:10 AM To: nanog Subject: Re: AAAA on various websites, but they all forgot to enable them on their nameservers On Wed, Jun 8, 2011 at 11:28, Jeroen Massar wrote: > It is really nice that folks where able to put records on their > websites for only 24 hours, but they forgot to put in the glue on their > nameservers. agreed, but still better than juniper.net at the moment, glue seems to be completely gone at ultradns :P --Daniel.
Re: AAAA on various websites, but they all forgot to enable them on their nameservers....
On Wed, Jun 8, 2011 at 11:28, Jeroen Massar wrote: > It is really nice that folks where able to put records on their > websites for only 24 hours, but they forgot to put in the glue on their > nameservers. agreed, but still better than juniper.net at the moment, glue seems to be completely gone at ultradns :P --Daniel.
AAAA on various websites, but they all forgot to enable them on their nameservers....
It is really nice that folks where able to put records on their websites for only 24 hours, but they forgot to put in the glue on their nameservers. As such, for the folks testing IPv6-only, a lot of sites will fail unless they use a recursor that does the IPv4 for them. The root is there, .com does it mostly too (well, a+b have IPv6), but most sites don't. Thus maybe that can be done next year on the next IPv6 day? :) At least one step closer, now lets hope that sites also keep that IPv6 address there. Greets, Jeroen -- $ dig @d.gtld-servers.net ns1.google.com ; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.google.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16030 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 4 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;ns1.google.com.IN ;; AUTHORITY SECTION: google.com. 172800 IN NS ns2.google.com. google.com. 172800 IN NS ns1.google.com. google.com. 172800 IN NS ns3.google.com. google.com. 172800 IN NS ns4.google.com. ;; ADDITIONAL SECTION: ns2.google.com. 172800 IN A 216.239.34.10 ns1.google.com. 172800 IN A 216.239.32.10 ns3.google.com. 172800 IN A 216.239.36.10 ns4.google.com. 172800 IN A 216.239.38.10 ;; Query time: 123 msec ;; SERVER: 192.31.80.30#53(192.31.80.30) ;; WHEN: Wed Jun 8 11:26:35 2011 ;; MSG SIZE rcvd: 164 $ dig @d.gtld-servers.net ns1.cisco.com ; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.cisco.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55271 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;ns1.cisco.com. IN ;; AUTHORITY SECTION: cisco.com. 172800 IN NS ns1.cisco.com. cisco.com. 172800 IN NS ns2.cisco.com. ;; ADDITIONAL SECTION: ns1.cisco.com. 172800 IN A 128.107.241.185 ns2.cisco.com. 172800 IN A 64.102.255.44 ;; Query time: 126 msec ;; SERVER: 192.31.80.30#53(192.31.80.30) ;; WHEN: Wed Jun 8 11:28:14 2011 ;; MSG SIZE rcvd: 95