Thank you for writing this up! I think this is long-overdue and I'd be supportive of the dnsop working group adopting this. (It seems to make more sense for me to do this in dnsop while keeping v6ops informed.)
We likely will want to cover the concerns that Geoff raises around fragmentation, but it would be better to give guidance around addressing those issues. There is already very substantial deployment of IPv6 among DNS authorities and it is widely used by DNS recursive. I don't have numbers handy at the moment, but it would not surprise me if a significant portion of recursive-to-authoritative traffic is already IPv6. Given that, we need to fix issues there. Enabling IPv6-only networks to work is important and is starting to be practical in some scenarios. DNS is one of the bigger blocking points, and excellent progress has already been made. NIST has an IPv6 and DNSSEC deployment tracker: https://fedv6-deployment.antd.nist.gov/cgi-bin/generate-com For the tracked "industry" domains (still US-centric), IPv6 has gone from 10% IPv6 for DNS authorities to over 70% and is still growing. (DNSSEC-signed is still well below 10%). At least some governments are also requiring IPv6 DNS authorities for everything in the resolution chain, at least for some industries. We're far enough into this transition already on the authoritative DNS side that this is long overdue and in some ways may be defining existing best practices. Erik On Sun, Oct 22, 2023 at 8:13 PM Momoka Yamamoto <[email protected]> wrote: > Hello DNSOP Working Group, > > My name is Momoka Yamamoto and I've recently submitted an Internet-Draft > titled "DNS IPv6 Transport Operational Guidelines" > (draft-momoka-dnsop-3901bis-00) with my co-author Tobias > [email protected]. This draft discusses the operational guidelines > for operating authoritative and recursive DNS servers in mixed IPv4 and > IPv6 environments, expanding on RFC3910 to address the progressing IPv4 > exhaustion and the long-term necessity of IPv6-only resolvers. > > I would greatly appreciate any feedback, comments, or questions you may > have regarding this draft. I believe this document could contribute > significantly to the current discussions and work of the DNSOP working > group, especially in light of the wide adoption of IPv6 over the last 20 > years since BCP91 was written. > > The draft is open for discussion and I am looking forward to engaging with > the community to refine and improve it. > > Momoka Y > > ---------- Forwarded message --------- > From: <[email protected]> > Date: Mon, Oct 23, 2023 at 3:02 AM > Subject: New Version Notification for draft-momoka-dnsop-3901bis-00.txt > To: Momoka Yamamoto <[email protected]>, Tobias Fiebig < > [email protected]> > > > A new version of Internet-Draft draft-momoka-dnsop-3901bis-00.txt has been > successfully submitted by Momoka Yamamoto and posted to the > IETF repository. > > Name: draft-momoka-dnsop-3901bis > Revision: 00 > Title: DNS IPv6 Transport Operational Guidelines > Date: 2023-10-20 > Group: Individual Submission > Pages: 9 > URL: > https://www.ietf.org/archive/id/draft-momoka-dnsop-3901bis-00.txt > Status: https://datatracker.ietf.org/doc/draft-momoka-dnsop-3901bis/ > HTML: > https://www.ietf.org/archive/id/draft-momoka-dnsop-3901bis-00.html > HTMLized: https://datatracker.ietf.org/doc/html/draft-momoka-dnsop-3901bis > > > Abstract: > > This memo provides guidelines and documents Best Current Practice for > operating authoritative and recursive DNS servers given that queries > and responses are carried in a mixed environment of IPv4 and IPv6 > networks. It expands beyond [RFC3910] in so far that it now > considers the reality of progressing IPv4 exhaustion, which will make > IPv6-only resolvers necessary in the long-term. > > Discussion Venues > > This note is to be removed before publishing as an RFC. > > Source for this draft and an issue tracker can be found at > https://github.com/momoka0122y/draft-dnsop-3901bis. > > > > The IETF Secretariat > > > _______________________________________________ > DNSOP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dnsop >
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
