I noticed that one of our vendors wasn't actually participating when
they very publicly put on their home page that they would. So I
queried the IPv6 day participation list to see who didn't have AAAA's
for their listed website. It turned out to be around 9.5%
Before you read the list, here's me shedding responsibility with a
list of caveats:
- The crappy perl script I am using might be broken. IE - it doesn't
think about "foo.com" vs "www.foo.com", HTTP redirection, or any of
that.
- The organizations in this list may have withdrawn because they found
out something was terribly broken.
- DNS caching may be skewing the results if the TTLs are long.
Was participating until we hit a rather nasty load balancer bug that
took out the entire unit if clients with a short MTU connected and it
needed to fragment packets (Citrix Netscaler running latest code). No
fix is available for it yet, so we had to shut it down. Ran for about
9 hours before the "magic" client that blew it up connected.
So if you are using a Netscaler with SLB-PT (IPv6 VIP balancing to
IPv4 servers), the entire LB is subject to stop working until they get
this fixed.
The ISOC dashboard that Chris mentions is indeed accurate and up to date
from our perspective. Comcast is definitely an active participant with
our website http://xfinity.comcast.net, which is live with a published
AAAA and is IPv6 reachable.
It is also probably why doing it again next month is too aggressive, and why we probably should have started doing them earlier. I wonder how many bug reports got filed today?
So if you are using a Netscaler with SLB-PT (IPv6 VIP balancing to
IPv4 servers), the entire LB is subject to stop working until they get
this fixed.
And this is EXACTLY why we needed World IPv6 Day.
Agreed, right on the money !!
Traffic stats may not say a lot yet due to tunnels and lack of native
IPv6 connectivity but finding this type of bugs is a major reason to
do live tests, even if the test fails.
Next one ? a month seems to be too soon, I guess there is a lot of
useful data to crunch and analyze and fixes to do, but sure we need
more live IPv6 activity.
I think it would be cool if for the next one, some major broadband
access providers take IPv6 down to the end customer, and not just
commercial customers. I know that CPE could be an issue but we need to
reach that layer. It does not help that the test says that my machine
and browser are ready when in the middle I've a brick that won't
work..
Well, we are still attempting to recreate the problem. It isn't
something as simple as someone coming in over a tunnel with a small
MTU with a larger advertised MSS. There is some "magic" that must
happen to actually put the unit in this state. We ran for 9 hours
before and 9 hours after the hiccup without any problems.
So it is going to take a while before we are ready to test this again
live. The sooner I can recreate the problem, the better, though.
I dont think ISOC dashboard is updating any more. Google is no longer
advertising AAAA but dashboard still shows green and TTLs were short on
those records.
I think it's important to thank Microsoft for leaving sites like xbox IPv6 enabled. Hope many other participants leave it on as well.
I think it's a certain sign of the maturity of the protocol and networks at this stage of the game.
I have observed some traffic step-down in the network, but it's not entirely clear if it's lowered to levels pre-v6-day.
Looking forward to those sharing data at NANOG next week. (I'm not convinced the data I have is worth sharing, but will send it over to the nanogpc soon enough..)
Thanks to all the v6day participants on all sides of the net. This has been
a great effort that will eventually be a precedent for all a major sites to
go dual stack with confidence as bugs are shaken out, access networks are
enabled, and meaningful data is collected and processed.
Cb
PS. Special thanks to isoc and the core group that stuck their neck out to
make this happen.
IMHO, it's worse than that. Most sites only added a AAAA record for
their website, and frequently didn't for their DNS server. So they
weren't *really* doing a complete IPv6 test, IMHO.
I actually ended up documenting my full results of testing for a number
of things (including DNSSEC, just because I could) at:
Agreed, in fact, I don't usually applaud Microsoft, but IPv6 wouldn't
be nearly as possible as it is today without them. They've been
better than almost everyone in making sure IPv6 support has been in
place and implemented correctly.