[ipv6-wg@ripe.net] Re: RIPE NCC's DNS server available in IPv6
Dear Carlos, et al, (Apologies for duplicates). Carlos Friacas <cfriacas@fccn.pt> writes: * Hello, * * I have a question about this, as pointed out by one of my colleagues here: * * As the SOA record for ripe.net., the glue record for ns.ripe.net. on * <whatever>.gtld-servers.net is 193.0.0.193, right? * Shouldnt they have also an AAAA record for ns.ripe.net on the net. zone? * Is this scheduled/possible/requestable/desirable??? * Indeed having this IN AAAA record included in the parent zone for ripe.net. would be the most desirable. So far I ignore though if .net nameservers are V6 ready or not. We definitively will look forward getting this record included in our parent zone etc... still the root-zone is not V6 ready yet, so the tree can not be completed anyway. With best regards. -- Daniel.Diaz Operations Manager RIPE NCC
we will be adding the AAAA glue record in the v6 testbed root zone for those sites that use ns.ripe.net as a server. for those who wish, this system does have v6 aware .NET and . zones as well as select, other TLDs that are v6 aware. % % Dear Carlos, et al, % % (Apologies for duplicates). % % % Carlos Friacas <cfriacas@fccn.pt> writes: % * Hello, % * % * I have a question about this, as pointed out by one of my colleagues here: % * % * As the SOA record for ripe.net., the glue record for ns.ripe.net. on % * <whatever>.gtld-servers.net is 193.0.0.193, right? % * Shouldnt they have also an AAAA record for ns.ripe.net on the net. zone? % * Is this scheduled/possible/requestable/desirable??? % * % % Indeed having this IN AAAA record included in the parent zone for ripe.net. % would be the most desirable. So far I ignore though if .net nameservers are V6 % ready % or not. We definitively will look forward getting this record included in our % parent zone etc... still the root-zone is not V6 ready yet, so the tree can % not % be completed anyway. % % With best regards. % % -- Daniel.Diaz % Operations Manager % RIPE NCC % % -- --bill Opinions expressed may not even be mine by the time you read them, and certainly don't reflect those of any other entity (legal or otherwise).
In your previous mail you wrote: Indeed having this IN AAAA record included in the parent zone for ripe.net. would be the most desirable. So far I ignore though if .net nameservers are V6 ready or not. We definitively will look forward getting this record included in our parent zone etc... still the root-zone is not V6 ready yet, so the tree can not be completed anyway. => to support AAAA RRs in the glue and to support IPv6 transport are two different things. And what it is asked for is the first/easiest one. Regards Francis.Dupont@enst-bretagne.fr
Francis Dupont <Francis.Dupont@enst-bretagne.fr> writes: * In your previous mail you wrote: * * Indeed having this IN AAAA record included in the parent zone for * ripe.net. would be the most desirable. So far I ignore though if .net * nameservers are V6 ready or not. We definitively will look forward * getting this record included in our parent zone etc... still the * root-zone is not V6 ready yet, so the tree can not be completed * anyway. * * => to support AAAA RRs in the glue and to support IPv6 transport are * two different things. And what it is asked for is the first/easiest one. I know and that was what I was replying to Francis. Not all DNS SW is V6 ready.... ;) Regards -- Daniel.Diaz RIPE NCC
On Tue, 3 Dec 2002, Daniel Diaz wrote: Hello again.
Francis Dupont <Francis.Dupont@enst-bretagne.fr> writes: * In your previous mail you wrote: * * Indeed having this IN AAAA record included in the parent zone for * ripe.net. would be the most desirable. So far I ignore though if .net * nameservers are V6 ready or not. We definitively will look forward * getting this record included in our parent zone etc... still the * root-zone is not V6 ready yet, so the tree can not be completed * anyway. * * => to support AAAA RRs in the glue and to support IPv6 transport are * two different things. And what it is asked for is the first/easiest one.
Of course. My original question objective was trying to know if RIPE wants to take this one more little step. Saying its easy, and not doing it doesnt make things go forward... :-) As i am not fully aware of all the consequences that could result from inserting the AAAA record in the net. zone, i tried to state my question carefully. :-) But this raises me one more question: Does someone know if there are *any* AAAA (glue-)records on that/(similar) zone(s) yet?
I know and that was what I was replying to Francis. Not all DNS SW is V6 ready.... ;)
Regards
-- Daniel.Diaz RIPE NCC
Thanks, ./Carlos "Networking is fun!" -------------- [http://www.ip6.fccn.pt] http://www.fccn.pt <cfriacas@fccn.pt>, CMF8-RIPE, CF596-ARIN, Wide Area Network Workgroup F.C.C.N. - Fundacao para a Computacao Cientifica Nacional fax: +351 218472167
Hello, Quote from Carlos Friacas: } But this raises me one more question: Does someone know if there are *any* } AAAA (glue-)records on that/(similar) zone(s) yet? I understand that "jp." has had IPv6 name servers for a while now. These are slightly abbreviated for ease of reading: % dig jp. ANY @ns0.nic.ad.jp ... ;; ANSWER SECTION: jp. 86400 IN NS ns0.nic.ad.jp. jp. 86400 IN SOA ns0.nic.ad.jp. bind-admin.nic.ad .jp. 2002120901 3600 900 604800 86400 jp. 86400 IN NS ns.wide.ad.jp. jp. 86400 IN NS ns0.iij.ad.jp. jp. 86400 IN NS dns0.spin.ad.jp. jp. 86400 IN NS ns-jp.sinet.ad.jp. jp. 86400 IN NS ns-jp.nic.ad.jp. ... ;; ADDITIONAL SECTION: ns0.nic.ad.jp. 86400 IN A 202.12.30.131 ns.wide.ad.jp. 86400 IN AAAA 2001:200:0:1::4 ns.wide.ad.jp. 86400 IN A 203.178.136.63 ns0.iij.ad.jp. 86400 IN AAAA 2001:240::53 ns0.iij.ad.jp. 86400 IN A 202.232.2.34 dns0.spin.ad.jp. 86400 IN A 165.76.0.98 ns-jp.sinet.ad.jp. 86400 IN A 150.100.2.3 ns-jp.nic.ad.jp. 86400 IN A 61.120.151.100 ... % dig nl. ANY @ns.domain-registry.nl. ... ;; ANSWER SECTION: nl. 345600 IN NS ns.domain-registry.nl. nl. 345600 IN NS ns.ripe.net. nl. 345600 IN NS auth02.ns.uu.net. nl. 345600 IN NS ns2.domain-registry.nl. nl. 345600 IN NS sunic.sunet.se. nl. 345600 IN NS ns2.nic.fr. nl. 345600 IN SOA ns.domain-registry.nl. hostmaster.domain-registry.nl. 200212060 28800 14400 2592000 345600 ... ;; ADDITIONAL SECTION: ns.domain-registry.nl. 345600 IN A 193.176.144.2 ns2.domain-registry.nl. 345600 IN A 193.176.144.130 ... % dig nl. ANY @sunic.sunet.se. ... ;; ADDITIONAL SECTION: ns.domain-registry.nl. 345600 IN A 193.176.144.2 ns.ripe.net. 172800 IN AAAA 2001:610:240:0:193::193 ns.ripe.net. 172800 IN A 193.0.0.193 auth02.ns.uu.net. 516 IN A 198.6.1.82 ns2.domain-registry.nl. 345600 IN A 193.176.144.130 sunic.sunet.se. 86400 IN A 192.36.125.2 ns2.nic.fr. 31778 IN A 192.93.0.4 ... % CONCLUSION: Now that the ns.ripe.net contains an AAAA record, it too is starting to seep into the TLDs that ns.ripe.net is a secondary name server for. As was said, asking the root servers about "nl." still doesn't give any AAAA glue records. But why don't ns*.domain-registry.nl and auth02.ns.uu.net provide full glue records for the name servers? -- Aleksi Suhonen / Axu TM Oy
On Mon, Dec 09, 2002 at 07:38:20AM +0200, Aleksi Suhonen wrote:
But why don't ns*.domain-registry.nl and auth02.ns.uu.net provide full glue records for the name servers?
If BIND is set to no-recursion and no fetch-glue then it will never find the address of a name server if it isn't listed in any zones that it has been told to load. This is currently considered a Good Thing <tm> because of security. You can tell that this is the way ns.domain-registry.nl is configured since it only gives additional information for the two name servers that ends with the name nl. Putting a glue for ns.ripe.net wont work within the .nl zone. (sunic.sunet.se is secondary for ripe.net, so it has the AAAA record already, and can give it as additional info) -- Robert Martin-Legene
participants (7)
-
Aleksi Suhonen -
Bill Manning -
Carlos Friacas -
Daniel Diaz -
Daniel.Diaz
-
Francis Dupont -
Robert Martin-Legène