Hi,
Anyone knows why coogle.com only have IPv4-adresses on their
authoritative DNS?
Are there any plans to fix this?
Lorenzo's reply to this statement
Google isn't reachable. There are no IPv6 servers for google.com.
was
Unfortunately, every time we've looked at the data, the
conclusion has been that it would cause unwarranted user
impact. IIRC the most recent blocker was a major US ISP
whose clients would experience breakage if even just one
NS record was dual-stacked. It's not an infrastructure
problem: the servers have supported IPv6 for years, and
some zones like google.fi do have IPv6 NS records.
See Message-ID: <CAKD1Yr2C3E1j9YZ+zsXWF_+A0-6FgckvijgAiJiTnFxUHxDWUQ@mail.gmail.com>
Unfortunately, every time we've looked at the data, the
conclusion has been that it would cause unwarranted user
impact. IIRC the most recent blocker was a major US ISP whose
clients would experience breakage if even just one NS record
was dual-stacked.
There are many zones (including your isc.org) that have several name
servers dual-stacked, and they didn't notice a problem. Furthermore,
since the DNS is a tree, resolution of google.com requires a proper
resolution of the root and .com, both having IPv6 name servers.
So, this answer is at least insufficient.
:
> Unfortunately, every time we've looked at the data, the
> conclusion has been that it would cause unwarranted user
> impact. IIRC the most recent blocker was a major US ISP whose
> clients would experience breakage if even just one NS record
> was dual-stacked.There are many zones (including your isc.org) that have several name
servers dual-stacked, and they didn't notice a problem. Furthermore,
since the DNS is a tree, resolution of google.com requires a proper
resolution of the root and .com, both having IPv6 name servers.So, this answer is at least insufficient.
It wouldn't suprise me if the dispute between Google and Cogent was
not part of the issue. Pure speculation on my part. I could be
completely off base.
Mark
There are many zones (including your isc.org) that have several name
servers dual-stacked, and they didn't notice a problem. Furthermore,
since the DNS is a tree, resolution of google.com requires a proper
resolution of the root and .com, both having IPv6 name servers.
"didn't notice a problem" is woefully insufficient here.
how carefully was this measured? how was it measured? across what
diversity of traffic. what was the threshold for "a problem" here.
different use cases have different tolerances for the kinds of bad user
experience that google is concerned about here, both in terms of percentage
and in amount of impact.
please note that google has been super aggressively implementing and
promoting IPv6 for years, so implications that this is somehow related to
Google dragging their feet are silly.
t
It wouldn't suprise me if the dispute between Google and Cogent was
not part of the issue. Pure speculation on my part. I could be
completely off base.
here in japan, if you are using ntt bflets layer two, your layer three
provider is likely to present you with a dns server which does not
return AAAAs because the v6 connectivity over ntt bflets transport sucks
caterpillar snot.
it's a whacky world. as geoff said long ago, if there ever is real
money counting on v6 transport, these messes will straighten out.
randy
totally agree. and i'd like someone else to volunteer the "real money"
traffic, please. 
t
Todd Underwood <toddunder@gmail.com> writes:
There are many zones (including your isc.org) that have several name
servers dual-stacked, and they didn't notice a problem. Furthermore,
since the DNS is a tree, resolution of google.com requires a proper
resolution of the root and .com, both having IPv6 name servers."didn't notice a problem" is woefully insufficient here.
how carefully was this measured? how was it measured? across what
diversity of traffic. what was the threshold for "a problem" here.
Agreed. Most domain owners/zone admins probably would not notice this,
even if it was a very real problem for one or two ISPs.
But given that, I do wonder how such an ISP could provide any service at
all. As pointed out by Stephane, there are so many zones having dual
stacked DNS servers nowadays that one more or less makes little
difference. Even if that zone is google.com. The rest of the world are
dual stacked wrt DNS, with very few exceptions.
What about the root zone? Or microsoft.com? Or facebook.com? No users
interested in either of those? Only google.com?
Sorry, I do not buy the excuse.
Bjørn
a message of 66 lines which said:
so implications that this is somehow related to Google dragging
their feet are silly.
Implying that the root name server operators, or Verisign (manager of
the .com name servers) did not test very thoroughly that everything is
fine with their DNS service is just as silly.
One badly configured mid sized ISP might blow search's entire failure
budget. (Read the SRE book.)
I have been trying for years to get somebody to do a measurement to show
that properly configured dual stack generally has better user QoE than
either protocol alone, largely because CGN doesn't scale well enough.
Thanks,
--MM--
The best way to predict the future is to create it. - Alan Kay
Privacy matters! We know from recent events that people are using our
services to speak in defiance of unjust governments. We treat privacy and
security as matters of life and death, because for some users, they are.
I don't think that was todd's implication.
I had thought i saw lorenzo/erik with some presentation materials about how
ipv6 (and dns) can go wrong. I know geoff has presentation work on this
matter, which he's given at least at IEPG meetings in the past.
there is work ongoing though, it seems:
;; ANSWER SECTION:
google.fi. 345600 IN NS ns2.google.com.
google.fi. 345600 IN NS ns4.google.com.
google.fi. 345600 IN NS ns1.google.com.
google.fi. 300 IN NS ns3ds.google.com.
;; Query time: 10 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; ANSWER SECTION:
ns3ds.google.com. 300 IN AAAA 2001:4860:4802:36::a
-chris
I guess it's obvious they had different techniques for measuring the impact
of their changes.... Can you point to published studies where the root and
.com server operators analyzed Todd's questions?
"""
"didn't notice a problem" is woefully insufficient here.
how carefully was this measured? how was it measured? across what
diversity of traffic. what was the threshold for "a problem" here.
different use cases have different tolerances for the kinds of bad user
experience that google is concerned about here, both in terms of percentage
and in amount of impact.
"""
As others have said, things will improve as more sites go dual-stack, and
google.com will enable dual-stack as soon as it's viable. In the meantime,
we encourage our competitors to try. 
Damian
a message of 82 lines which said:
Can you point to published studies where the root and .com server
operators analyzed Todd's questions?
For the root, the most comprehensive one is probably SAC 18
<www.icann.org/committees/security/sac018.pdf> A good summary is
<www.icann.org/en/meetings/lisbon/presentation-woolf-ssac-28mar07.pdf>
Thanks for sharing. From my quick read, it looks like this was a careful
analysis of the expected impact, not a review of the actual impact. It
reminds me of an instructive joke: "In theory, theory and practice are the
same. In practice, they are not."
Damian
landscape.