Re: [sunset4] New Version Notification for draft-palet-sunset4-ipv6-ready-dns-00.txt

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Sun, 26 November 2017 09:06 UTC

Return-Path: <prvs=1503e18523=jordi.palet@consulintel.es>
X-Original-To: sunset4@ietfa.amsl.com
Delivered-To: sunset4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2252A1293DB for <sunset4@ietfa.amsl.com>; Sun, 26 Nov 2017 01:06:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es; domainkeys=pass (1024-bit key) header.from=jordi.palet@consulintel.es header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PeCNMViLH9aj for <sunset4@ietfa.amsl.com>; Sun, 26 Nov 2017 01:06:48 -0800 (PST)
Received: from mail.consulintel.es (mail.consulintel.es [217.126.185.215]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE841120725 for <sunset4@ietf.org>; Sun, 26 Nov 2017 01:06:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1511687203; x=1512292003; q=dns/txt; h=DomainKey-Signature: Received:User-Agent:Date:Subject:From:To:CC:Message-ID: Thread-Topic:References:In-Reply-To:Mime-version:Content-type: Content-transfer-encoding:Reply-To; bh=KQXBvs8rFV/nOKz66ZT0X1N8F GQOjj92OKdgL7rPuMM=; b=aJ2aB/Ksmx/mhI03siETS/XZLaHtd91mnhxvvf0Ss zDB/pRJWZWerCZYAKgaC9GfaRR9qtVgXGe7+ZdMABG4fpN+aXLAna8pG2VNQVsHw p2MmDbFkS4GLCiPLMCu+E2j9qclrUJHX4pbauSRZ8JLhGDvRrCglqj5x85wTPDmp v8=
DomainKey-Signature: a=rsa-sha1; s=MDaemon; d=consulintel.es; c=simple; q=dns; h=from:message-id; b=FSWoo2e2gwzp3J0Qc8IBuPgXMNNVuID2HjhfKMxSz63IJNHDU1CyvCRejhTZ Qk70pobu2oj0zphEhv46WBSghrF2W5qcv3c+JEmyLvw5ISDmWmuQg4HrD xNWi9OYb4RXEYfIBwO/UaTrzCBGT1kfEb7TFyFMpZCDsLUCgm136Dg=;
X-MDAV-Processed: mail.consulintel.es, Sun, 26 Nov 2017 10:06:43 +0100
X-Spam-Processed: mail.consulintel.es, Sun, 26 Nov 2017 10:06:42 +0100
Received: from [10.10.10.133] by mail.consulintel.es (MDaemon PRO v11.0.3) with ESMTP id md50005638797.msg for <sunset4@ietf.org>; Sun, 26 Nov 2017 10:06:40 +0100
X-MDOP-RefID: re=0.000,fgs=0 (_st=1 _vt=0 _iwf=0)
X-Authenticated-Sender: jordi.palet@consulintel.es
X-HashCash: 1:20:171126:md50005638797::DqQmhl6KF7zPHgXs:000022/t
X-Return-Path: prvs=1503e18523=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: sunset4@ietf.org
User-Agent: Microsoft-MacOutlook/f.27.0.171010
Date: Sun, 26 Nov 2017 10:06:36 +0100
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: sunset4@ietf.org
CC: Daniel Karrenberg <daniel@karrenberg.net>
Message-ID: <54BE124A-EBAB-43B3-A405-0BAC35E09A4D@consulintel.es>
Thread-Topic: [sunset4] New Version Notification for draft-palet-sunset4-ipv6-ready-dns-00.txt
References: <151155545267.9162.17152586924934799206.idtracker@ietfa.amsl.com> <B0A6AF83-099A-4D4D-83EB-BA4B45D00353@consulintel.es> <2E863078-8E32-4657-B1F4-0417A0C95A05@consulintel.es> <18C3DFC8-45B9-4C41-8151-ACA840F00518@gmail.com>
In-Reply-To: <18C3DFC8-45B9-4C41-8151-ACA840F00518@gmail.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Reply-To: jordi.palet@consulintel.es
Archived-At: <https://mailarchive.ietf.org/arch/msg/sunset4/HrWCTgjRzANLI0zAoOBg3YSXoFc>
Subject: Re: [sunset4] New Version Notification for draft-palet-sunset4-ipv6-ready-dns-00.txt
X-BeenThere: sunset4@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: sunset4 working group discussion list <sunset4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sunset4>, <mailto:sunset4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sunset4/>
List-Post: <mailto:sunset4@ietf.org>
List-Help: <mailto:sunset4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sunset4>, <mailto:sunset4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Nov 2017 09:06:50 -0000

(keeping the discussion in sunset4, as I believe is where it belongs to)

Hi Fred,

Thanks a lot for reading and providing input!

I know the root servers are IPv6 enables since many years ago, however, in my document I want to “reinforce it”, because I don’t think there is any IETF document that mandates it, so at this way we ensure that IPv6 support is not “dropped” in a root in the future (looks silly, but just in case). Also at this way if there is such document, we have a “single on” that include all the DNS levels.

I tried to find an ICANN document that states it before writing the draft, but google didn’t helped. Right now, doing some new searches, I found this:

https://www.icann.org/resources/pages/ipv6-initiative-2017-02-28-en

So, it looks like only the ccTLDcan opt-out that rule, which is very sad … However, if we make it happen in a couple of years for all but a few ccTLDs, that’s a great success. Even more, ccTLDs frequently have copies among themselves, so for example .es, .cl, .fr, which are IPv6 enabled, may backup .sv which is not (is just an example, not saying this is the case, but lots of them do this way).

Regarding SLD, I actually say it … I didn’t want to say SLDs, 3LDs, and so on, because they may be many extra levels, and I wanted to cover all the with a more simpler terminology (I think many folks don't know SLD or 3LD), but they know “anything that has an A record …” so I used “Other A RRs, MUST be IPv6-Ready in 24 months”, and before that I spell out “IPv6-Ready” as 

“IPv6-Ready DNS Infrastructure" means that a DNS
   server (root, TLD, authoritative NS) is fully accessible and
operational if queried from a remote dual-stack and IPv6-only
   network.

   In general, that means having AAAA RRs in addition to A RRs, ensuring
   that PMTUD works correctly and fragmentation is correctly handled.

   In case DNSSEC is implemented with IPv4, it MUST support also
   IPv6-only operation according the below defined timing.”

I guess that if you didn’t get that in my ID, I need to do some clarification in the text …

I’m an ATLAS ambassador and I’ve about 100 million credits, so I guess it will be easy to use them for this very interesting measurement, we just need to restart those measurements and if needed readjust what it was done before, to make sure that works in an IPv6-only environment, and checks as I mention in the draft not just the availability and reachability of AAAA, but also PMTUD/fragmentation, and I will say in both TCP and UDP. I also think that the community and/or RIPE NCC will be happy to provide more credits/resources for something like this if needed.

Regards,
Jordi
 

-----Mensaje original-----
De: sunset4 <sunset4-bounces@ietf.org> en nombre de Fred Baker <fredbaker.ietf@gmail.com>
Responder a: <fredbaker.ietf@gmail.com>
Fecha: sábado, 25 de noviembre de 2017, 20:01
Para: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
CC: <dnsop@ietf.org>, <6man@ietf.org>, Daniel Karrenberg <daniel@karrenberg.net>, "v6ops@ietf.org WG" <v6ops@ietf.org>, <sunset4@ietf.org>
Asunto: Re: [sunset4] New Version Notification for draft-palet-sunset4-ipv6-ready-dns-00.txt

    
    
    > On Nov 24, 2017, at 12:47 PM, JORDI PALET MARTINEZ <jordi.palet@consulintel.es> wrote:
    > 
    > I’ve started also to work in a policy proposal for ICANN in order to make sure that we get aligned.
    
    One thing you might want to think about: the root servers are all IPv6-capable today and serve requests using IPv6, and the 1541 TLDs are all required by contract with ICANN to be IPv6-capable. I think you'll find yourself holding the burden of proof that the infrastructure isn't capable of IPv6-only operation today.
    
    RSO statistics are available from http://www.root-servers.org/. ICANN TLDs are at https://data.iana.org/TLD/tlds-alpha-by-domain.txt.
    
    Reading through your draft, what I see that is probably not present today is an IPv6 address for every SLD, which is to say names like "example.com".
    
    What might be worth your while (I copy Daniel because he did a similar study using RIPE Atlas not too long ago and can point you to relevant documentation on how to do one yourself) would be to set up a RIPE Atlas study that accesses the Root, ccTLD, and gTLD authoritative servers using their IPv6 addresses and reports on the status of that from a wide variety of locations.
    _______________________________________________
    sunset4 mailing list
    sunset4@ietf.org
    https://www.ietf.org/mailman/listinfo/sunset4
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.