On 9/14/11 12:10 AM, "Mattia Rossi" <[email protected]> wrote:
>On 14/09/2011 13:36, Brzozowski, John wrote: >> On 9/11/11 7:32 PM, "Wouter Cloetens"<[email protected]> >> wrote: >> >> >>> On 10/09/11 19:24, Brzozowski, John wrote: >>>> My IPv6 DNS is currently forwarding to my service providers recursive >>>> DNS >>>> servers or some other server on the Internet. >>>> >>>> >>>> My local IPv4 DNS server privately addressed and will forward for any >>>> request it is not authoritative for, which works fine. >>>> >>>> I am going to change the setup so that the RFC5006 DNS server IPv6 >>>> address >>>> and the IPv4 DNS server addresses are the same server. This server >>>>will >>>> have forwarding statements for the internal zones to the internal DNS >>>> server. I imagine this will iron things out. Alternatively if the >>>>IPv4 >>>> local DNS servers were also IPv6 transport enabled I could just use >>>>it, >>>> however, this is not the case. >>> >>> Indeed. This works fine in the setup I made for my company. Public >>> lookups go upstream through my provider's IPv6 DNS server, local >>>lookups >>> go through the intranet's DNS server. Local lookups are defined as >>> *.company.com and all the private IPv4 subnets. The IPv6 DNS server >>> itself is authoritative for IPv6 until we merge the two some day. >> >> [jjmb] Interesting, certainly not the case for me. The resolver never >> tries a different DNS server once it gets responses from the IPv6. Just >> confirming, the DNS server (IPv6 transport) is authoritative for >> *.company.com right? If yes, this would explain why it works for you. > >Hmm, I've gone through this again, and it seems just weird to me, that >once you're not able to resolve the names via IPv6, you're client is not >falling back and trying the IPv4 DNS server, in case the one listed >first in your client is the Ipv6 one. If the first one listed is the >IPv4 one, you should be able to resolve the name immediately (via IPv4). [jjmb] the IPv6 DNS server addresses are listed first and tried first. Why would it try the others if there was not a failure? No data is an acceptable reply. Agree if the IPv4 addresses are listed first this would not be an issue, however, this is not how IPv6 behaves similar to how AAAA are preferred over A. > >On a side note: >In FreeBSD they just recently implemented RFC5006/RFC6106 following the >lines of OpenResolv. The cool thing it does on the client, is to set up >different DNS servers for different domains, so in your case it would >point to your local DNS if you want to resolve any *.company.com, and to >the other DNS for everything else (with fallback to the local DNS >eventually) > >Maybe we should push for that method to become standardised (if it >hasn't been done yet). [jjmb] now this seems interesting, is this available for testing yet? > >Mat > > >_______________________________________________ >homenet mailing list >[email protected] >https://www.ietf.org/mailman/listinfo/homenet _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
