Hi wg,
On 14.05.20 14:36, Wilhelm Boeddinghaus wrote:
I they at least stay to this, there is hope. You can then enable IPv6
later without recoding the app.
I just want to through also 2 cents: Dragons will be everywhere!
To be more precise; now "the developer" has to make sure HOW the
resolving is handled. By no means I'm a programmer but as an
sys-/net-admin I have encountered several situations where
"applications" or software in general resolve i.e. a name only once, and
just stays with the answer for the whole runtime.
Bad example: Defaults of JRE 7 to 9 IIRC / Or software written in java
provides/sets defaults for the JRE used.
An other related aspect: the software or library makes this configurable
but the user/programmer is not aware of it, or its implications. Again
Java; in early documents this was even considered a security risk to
re-resolve a name. (No comment on that part from my side...) Or doing
regular resolve had a chance to perform internal (D)DoS. (No kidding!)
Also, the resolve can be implemented in so many ways and so many times
many things just get ignored... like: honer the TTL; or what if the
answer contains more then one entry, is v4 over v6 preferred? or the
other way, ....
What I want to say: Sadly its not that simple to just uses names. Devs
need guidance here, and explanation from people who know a fair bit of
how dns works to get the application behave properly. Also dev and ops
have to do proper testing of the functionality of course, too.
TL;DR; Sadly we could extent Wilhelms talk by even more "reasons" why
adoption especially in enterprises is sometimes, lets call it, difficult.
BUT, thanks for you talk Wilhelm!
Best,
Bernd
