Re: [v6ops] New draft at dnsop a bis for DNS IPv6 Transport Operational Guidelines

Geoff Huston <gih@apnic.net> Thu, 23 November 2023 06:10 UTC

Return-Path: <gih@apnic.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2445CC14CE51 for <v6ops@ietfa.amsl.com>; Wed, 22 Nov 2023 22:10:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=apnic.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UpUnsVXz0u7k for <v6ops@ietfa.amsl.com>; Wed, 22 Nov 2023 22:09:58 -0800 (PST)
Received: from AUS01-ME3-obe.outbound.protection.outlook.com (mail-me3aus01on2068.outbound.protection.outlook.com [40.107.108.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8995BC14CF1D for <v6ops@ietf.org>; Wed, 22 Nov 2023 22:09:58 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PQ2zWi4Ic5GrRG8VEmozqQMnZy7IX1Sb+UsZO1B+Jb8uFcbVqM5GXDQXJzquYZtfNpqvv4L438KUV5zeXJv8qEHWNMKv/Mpw2vQMMgO1e/ssGjqXb+1puiHdePvGi6xh/xU3B0pwDphZ5SPO0uXV6b6BmJ3XFgow6OmMZJuJyUZR8bpBxnOVNSeDxSMgojnbDjmA1O98FRTTF9qG6crduev5saI/vqNVejaYdqJdny+Nye39v0ZV42lhtnLK6qr2J7e70hy2d6gXjkEqyFYXbRH2eCDa03Tguh6XBCC8yC/eLYtQEjk1pS48oTwbO/I2/W54pVSWXc7vB3bECT0ilg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jD64kDjqfCKjiPehaoXVt42rgTJ3YPtz7T2WRSAfNKQ=; b=kz698bUJ7M9UyodG0rVlF3gJ/IjxgRqI8LngAzAkXGOEWMwaRZJMEYgnTjbMQekKmBAqHtuRlYUG9VumcAnp5BQlAWe3OplqvSq2brz+96I0JM5XaEj0sQfampdYgyGT6mTDWaL4vsnjhbsfYSen+US9siks/5XQzl7JCTVNFQc0mCnLATDuR8n3RSlDYi3vkqPX45TFDa4hEvPvP5vmudSFNSJjKbS/h+oGWFoI8fVxrEqB/XJTSNcws/+GdqolcxpgpK+ntMRU32rkvHBit9Wsyggm6aA48tEi2NOqATmvU/MD26dPGmGdAtbfyEQegv+ybW3tTw3VBDD+Z3+79w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=apnic.net; dmarc=pass action=none header.from=apnic.net; dkim=pass header.d=apnic.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jD64kDjqfCKjiPehaoXVt42rgTJ3YPtz7T2WRSAfNKQ=; b=Gko0AXVKnnCpcdeAiKv3Qd8TYv228jXIIL4u6aR0PfRKd4tG1Qa3hjCSK0Q2ciJigeULCcsoD+7hATSSRkTKfNUHBGewdby5ZL0qlbkh0tnN8xhxY0Y16NnZh6GUcKUpbhjIM4jJmggkhBJGM2HCAwVYOqAVhrl6H0JfzWFK9Z4=
Received: from ME3P282MB3166.AUSP282.PROD.OUTLOOK.COM (2603:10c6:220:147::21) by SY8P282MB4372.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:25a::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7025.20; Thu, 23 Nov 2023 06:09:55 +0000
Received: from ME3P282MB3166.AUSP282.PROD.OUTLOOK.COM ([fe80::aa11:5164:d1b6:89aa]) by ME3P282MB3166.AUSP282.PROD.OUTLOOK.COM ([fe80::aa11:5164:d1b6:89aa%7]) with mapi id 15.20.7025.020; Thu, 23 Nov 2023 06:09:55 +0000
From: Geoff Huston <gih@apnic.net>
To: Gert Doering <gert@space.net>
CC: list <v6ops@ietf.org>
Thread-Topic: [v6ops] New draft at dnsop a bis for DNS IPv6 Transport Operational Guidelines
Thread-Index: AQHaExC9b2onPeoBBkiWl+bgdD+8xbByBSuAgAAuPoCAAdRrgIAAhJ6AgABD74CAErDLAA==
Date: Thu, 23 Nov 2023 06:09:55 +0000
Message-ID: <2532F4E0-725A-4403-9B62-0145EB9279BB@apnic.net>
References: <CAD9w2qYhCmkp2bOiGet4DY4AmbGHXj7r_reMibCK18rR8ivbMQ@mail.gmail.com> <CACMsEX8wQB3B1w2TOpPTjZoADYf5ybrKhpOXmo=iuOhUFJbJ5g@mail.gmail.com> <B57D7BFA-ECE9-4F23-9324-7591E91F457B@apnic.net> <ZU6WpbDBJ9lcik_3@Space.Net> <927959F5-71C8-4488-A52D-2A5A0969A951@apnic.net> <ZU8-4cLjPvTzXyJB@Space.Net>
In-Reply-To: <ZU8-4cLjPvTzXyJB@Space.Net>
Accept-Language: en-AU, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3774.200.91.1.1)
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=apnic.net;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: ME3P282MB3166:EE_|SY8P282MB4372:EE_
x-ms-office365-filtering-correlation-id: cd11115f-6ec0-4880-f7f9-08dbebead03a
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: G09lkXqtLPA5qOXUjzv5XmMScxpvmkxCkDswbBYn7pT7u5X7T1KpISY2AQHeahZYubswAH1HHZpVYLzpi5fMILBqPp44gVjHYzaf8ucnvKvFlOA2hOiUx+KdBozCHMSCrHFwkylP6ofO9hIKi+grLzU/JQ4PCaqbT3DcnbPLLVdhUF9565S34UZOgnMNLWV4TwwxV7HGdcr20K8tRKjxUzXeC/B7H9rAtvzlf8cCKzEmE0Ywp5KtBil/mgMYCg1UisBf2pG9+byxu8sytZrhUE7RfWgpOB05gVYXx8Q8m5z8hpIoarKgq8pG9yMXj71Ro1FB4LuQmTneLBrB67+YTq8+FxF2VPwPOpdcsou5J5hUO8F9FyPhtedbaCR3V9hEK/I9rIZczK6J8bhz60lidPV0GtMMhqXQ0Gxqnm/gqwMJpvasCP7wFBMHqYdwQcCSR7M9HssmdQuq9PK0RIh4jGjKWimqWaE/xNxZo9qylJeUDCIrxdMuuIvP8DWqPWbA/rnsI2Ww0tkjW0HdXIM3PlB4J42uog2WGHWsPINcA6txqRRQM8CuYTvmdNXX8A2gg6+oGWVrGXhJgJl7BUV1XtTq2v3E9iBhwhaC0y0xkZsluvu32uN1FEvTQAlRtAtCJrOK1TDZevBBMQdhF4AgOw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:ME3P282MB3166.AUSP282.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(136003)(366004)(346002)(39840400004)(396003)(376002)(230922051799003)(186009)(64100799003)(451199024)(1800799012)(41300700001)(86362001)(71200400001)(5660300002)(2906002)(83380400001)(166002)(21615005)(38070700009)(36756003)(316002)(66946007)(76116006)(66556008)(66476007)(66446008)(6916009)(64756008)(91956017)(33656002)(966005)(6486002)(6506007)(53546011)(478600001)(2616005)(4326008)(8676002)(6512007)(8936002)(122000001)(38100700002)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: DqKViP7a+4pTC3TLJaM2WRWI1yF845SQbjuLHzBb0BXQvWPt5E0l6ppUJ82PUSN6FQkKVyXwHj2KXd+e11oX5XKZhjiBusuwrfTnIv3bW/e3VvmKMiy1w1u1oXhtY3RM0Y5zbthOcL+bd7Ho4wuBKUvbkQe07t3S+4VW+CSIxZeRkPeK1aeEY04BY1LOizsYFSDUR9219FwjBMa3zT79zrEz7D6dGf7RgmOhIrNEVEOZCND3nwnql+ADo9kJdma+8X8qs2oPfByIrem4OAJSzrN24ltAy2NmbBKIkE7bwoy4u726Xl44vimTbHLiB4eFdw5++7lncihB0R1qCYeEWoSZ5sdfcO2jWNrp2Ugr3uypPDs5oHYFH691cFX+PlQ5FpztJ1HzUgJwIh3uqEzPdjR9uTjTklv8AFOHvBeispI09HwSVMj8V4Z2cZZijpDYb0xuMCx4khea1Wc7YaxzYZnu5f4ITmXBtsTO6Y5o9zv6KGn/fyRSvlIRDP6i0lDbzaFB72z2vAb4GpAyrmOGVd2E+0yyVjSvLM3Py7MwBCqQY8oNy+MpzjJ4/nddUKxg+16Ai66XM2GncNPsUqvniaUhMXpjozwksj3nNe+/+ddzEB9N6ZaUa4zbYYXuCtZJVkLdXW+tk9zmRC5qo6DvH+Oomt/TY9TsnfrVfeRvRsKxQIjfOTiUgOBnnInG3QTXWmF+P0xWjVfLi8T6Uc5fsh3tAKcI2U63niKseiB5zs8L/iTBI/Y4hxA00WgIrWZzlEPO1qURdwGLqJrIfw1PXPAaCGEBvH2LESMImYQVp+4mXf+wFVZXrEbhICvdeuYdAKO+zqsnHhnk+XNmmTutYtbmnnTuDq/44Qlu/tvpasrtSsUvjtHvcYw+qvLvCTMp1+sZb0DNL6mo8wRlmFKqB5EPsGqrGgYreQ0R3DvdvXQ+pv7fTXcUOpIbExZsY30V0QQ3CAlbshE9//RmHflrQw2EhrnZF4deiL2edbeHEtwmm+4rJWaGf4NINWal3I1kDifXnJKOjbl9Oo7CExzdBn8B+pIvCivI0RbungZnbOfVgVO9M+6/zEgt49QyKgY4MDNpVCiW2b55DeZBUZnbqpltsJVWm3NNFk/lkPf0EYHn4/i8rCOV0JbPSfkXA6HFiPHzfa6TjukvLVgiUaej/B4EXqPslOy2/qJtt1irS9337F9dJ2Evf5wdnN7XQC1z345tPf5jF3qTOz0Xm4MSSTImwwtlDaQf1ClnM+t35GMc9aatAknMp/Wkinq68UHJruIuQxYblDGKW2C11j6G5/MGTAqh0ThBsqtTzSAKkuaEIJrZ4LpDtM1wU4xcuQJTD6aqrolNkfTJWMU1EBuGYvnE4zMcwSQWA+HSB+B7aN+XFIWjNMV8LSG6T7y1pCrqxWCZyemN/26zNSmf3njA87MOg/iYKg87ZD7xV+yosN18anWyMfxUvJ0/Hzk6e5ZhrWV24nR5f4SDrMZ2T6VC8b5+68J6YEjvQ0ectlvQxAGFRO3aE3/Y2S0H/eeBuDQNoCWAk6OchNOyRA2tyDZabMgXHMqgbNNtRGZ1GvEfNhqqgMsGdKTa4mUai4p7KP0BiqEzwDBNVz08mMOLx4BMggqe/HtcaFTBxVnYXI0EMOrtoE9nArPnF5vYxMQQNW9f
Content-Type: multipart/alternative; boundary="_000_2532F4E0725A44039B620145EB9279BBapnicnet_"
MIME-Version: 1.0
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: ME3P282MB3166.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: cd11115f-6ec0-4880-f7f9-08dbebead03a
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Nov 2023 06:09:55.1045 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 3WWKuz5FAFPJq8IiB+7mN5v0TxAis20s1SfrqDPrK4eP8vt4D9SSjJtuJ/8mnGui
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SY8P282MB4372
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/66su53F9ZcSk08ufRlWKtYwYWfc>
Subject: Re: [v6ops] New draft at dnsop a bis for DNS IPv6 Transport Operational Guidelines
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Nov 2023 06:10:03 -0000


On 11 Nov 2023, at 7:44 pm, Gert Doering <gert@space.net> wrote:

Hi,

On Sat, Nov 11, 2023 at 04:41:20AM +0000, Geoff Huston wrote:
On 11 Nov 2023, at 12:46???am, Gert Doering <gert@space.net> wrote:

But if you think that IPv6 should be turned off, globally, because it's
beyond repair, maybe this should be stated clearly.  I might concur.

You appear to be reading a lot in the white spaces between the words in my note!.

Well, that seems to be the only logical consequence.  If IPv6 is so broken
that it's considered unwise to enable IPv6 on *one* nameserver out of
a set of multiple, then what *is* your message what to do?

Either we go for "IPv6 everywhere, IPv4 can be turned off" or we declare
failure, and go back to IPv4 + NAT everywhere.  Dual-stack forever is
not something I am willing to do.

After more than twenty years of hearing this, I'm well and truly over "IPv6 now!",
 "Go for IPv6" and other vacuous phrases - they add nothing to a
rational conversation about how to keep the network functioning efficiently
and effectively.

Go read https://www.potaroo.net/ispcol/2023-11/dns-ipv6.html to get a clearer
explanation of the issues here about the DNS, UDP and IPv6.