IPv6 brokenness and DNS whitelisting

In the field of IPv6 deployment, IPv6 brokenness was bad behavior seen in early tunneled or dual stack IPv6 deployments where unreliable or bogus IPv6 connectivity is chosen in preference to working IPv4 connectivity. This often resulted in long delays in web page loading, where the user had to wait for each attempted IPv6 connection to time out before the IPv4 connection was tried. These timeouts ranged from being near-instantaneous in the best cases, to taking anywhere between four seconds and three minutes. IPv6 brokenness is now generally regarded as a solved problem for almost all practical purposes, following improvements at both the transport and application layers.


Brokenness

As of May 2011, IPv6 brokenness as measured by instrumenting a set of mainstream Norwegian websites was down to ~0.015%, most of which was caused by older versions of Mac OS X which would often prefer non-working IPv6 connectivity when it was not justified. This behavior was fixed in Mac OS X 10.6.5, and is likely to decline further as Mac OS X 10.6.5 and subsequent versions roll out to a wider audience. However, there was no upgrade path for PowerPC-based Macs. The main remaining problem for Mac OS X was the presence of rogue routers, such as wrongly configured Windows Internet Connection Sharing devices pretending to have IPv6 connectivity, while 6to4 tunneled IPv6 traffic is blocked at a firewall. Another problem was pre-10.50 versions of Opera. Following World IPv6 Day in July 2011, there were reports of a substantial reduction in IPv6 brokenness as a result of that experiment. In the year following the trial, but prior to the World IPv6 Launch date, brokenness levels were reported to have risen slowly back upwards again towards 0.03%.


DNS whitelisting

Google, a major provider of services on the Internet, experimented with using a type of DNS whitelisting on a per-ISP basis to prevent this until the World IPv6 Launch. In the DNS whitelisting approach, ISPs are determined from DNS lookup source IP addresses by correlating them with network prefixes derived from routing tables. There is an IETF draft entitled "IPv6 AAAA DNS Whitelisting Implications" that describes the issues around whitelisting. AAAA records are only sent to ISPs that can demonstrate that they are providing reliable IPv6 to their customers. Other ISPs are sent only A records, thus preventing users from attempting to connect over IPv6 when hostnames are used instead of IPv6 addresses. Numerous concerns were raised about the practicality of DNS whitelisting as a long-term large-scale solution, such as scalability and maintenance issues relating to the maintenance of large numbers of bilateral agreements. In 2010, several of the major web service providers met to discuss pooling their DNS whitelisting information in an attempt to avoid these scaling problems.
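
The whitelisting decision described above, sketched as an added example (not code from any provider): the authoritative server maps the query's source address to an operator by longest-prefix match and withholds AAAA unless that operator is whitelisted. All prefixes, operator names and zone data are constructed, and `operator_for` and `answer` are hypothetical names. The decision keys on the resolver's address, so a user who queries through a resolver outside their ISP's prefixes is classified by that resolver.

```python
import ipaddress

# Constructed sample: prefix -> operator, as might be derived from a routing
# table. Documentation address ranges only; operator names are made up.
ROUTING_PREFIXES = {
    "192.0.2.0/24": "isp-a",
    "198.51.100.0/24": "isp-b",
    "198.51.100.128/25": "isp-c",  # more-specific route inside isp-b's block
    "2001:db8:a::/48": "isp-a",
}
# Operators that have demonstrated reliable IPv6 (one bilateral agreement each).
AAAA_WHITELIST = {"isp-a", "isp-c"}

# Constructed zone data for a single hostname.
ZONE = {"www.example.com": {"A": ["203.0.113.10"], "AAAA": ["2001:db8:ffff::10"]}}


def operator_for(resolver_ip, prefixes=ROUTING_PREFIXES):
    """Longest-prefix match on the query source; None if no prefix covers it."""
    addr = ipaddress.ip_address(resolver_ip)
    best = None
    for cidr, operator in prefixes.items():
        net = ipaddress.ip_network(cidr)
        if addr.version == net.version and addr in net:
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, operator)
    return best[1] if best else None


def answer(qname, qtype, resolver_ip):
    """Records the authoritative server returns for this query source."""
    records = ZONE.get(qname, {}).get(qtype, [])
    if qtype != "AAAA":
        return list(records)
    # AAAA is served only to whitelisted operators; unknown or unlisted
    # sources get an empty AAAA answer and so stay on IPv4.
    if operator_for(resolver_ip) in AAAA_WHITELIST:
        return list(records)
    return []
```
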


Problem resolution

It appears that no major content providers eventually ended up using the whitelisting approach, given that all that had previously declared an interest began serving AAAA records to generic DNS queries following World IPv6 Launch Day. Google now provides AAAA records to all DNS servers except for those on a limited list of subnets which Google excludes from AAAA record service. As of 2017, IPv6 brokenness is now generally regarded as a non-problem. This is due to two factors: firstly, IPv6 transport is much improved, so that the underlying error rate is much reduced, and secondly, that common applications such as web browsers now use fast fallback methods such as the "Happy Eyeballs" algorithm to select whichever protocol works best. Some operating system vendors have rolled fast fallback algorithms into their higher-level network stack APIs, thus making the solution available for all programs that use those APIs to make connections.


See also

* World IPv6 Day and World IPv6 Launch Day
* IPv6 deployment



External links

* "The big IPv6 experiment", h-online.com, 10 January 2011. http://www.h-online.com/features/The-big-IPv6-experiment-1165042.html (archived 7 December 2013 at https://web.archive.org/web/20131207044634/http://www.h-online.com/features/The-big-IPv6-experiment-1165042.html)