nanog mailing list archives
Re: v6 DNSSEC fail, was Buying IPv4 blocks
From: "John Levine" <johnl () iecc com>
Date: 4 Oct 2018 21:07:21 -0400
In article <60afb948-5f6d-8ea8-00c9-6d4d92ff0269 () forfun net>, Marco Davids via NANOG <mdavids () forfun net> wrote:
Even if you do have v6, some things like DNSSEC don't work very well if you can't do them over v4.Is that so?
Yeah, V6 UDP fragmentation and anycast are bad news. You can sort of fix it by doing all your v6 DNSSEC DNS queries over TCP but it's a lot easier to stick to v4. Geoff Huston has written about this a lot and it's a well known problem in the DNS community. I'm surprised if it's news to anyone here. https://blog.apnic.net/2017/08/22/dealing-ipv6-fragmentation-dns/
Current thread:
- Buying IPv4 blocks Ross Tajvar (Oct 01)
- Re: Buying IPv4 blocks Tyler Conrad (Oct 01)
- Re: Buying IPv4 blocks Payam Poursaied (Oct 02)
- Re: Buying IPv4 blocks John Curran (Oct 02)
- Re: Buying IPv4 blocks Ross Tajvar (Oct 04)
- Re: Buying IPv4 blocks John Lee (Oct 04)
- Re: Buying IPv4 blocks Ross Tajvar (Oct 04)
- Re: Buying IPv4 blocks Matt Harris (Oct 04)
- Re: Buying IPv4 blocks John Levine (Oct 04)
- Re: Buying IPv4 blocks Marco Davids via NANOG (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks John Levine (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Tinka (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Andrews (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Andrews (Oct 05)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 05)
- Re: Buying IPv4 blocks John Lee (Oct 04)
- RE: v6 DNSSEC fail, was Buying IPv4 blocks Naslund, Steve (Oct 07)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 07)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Bryce Wilson (Oct 09)