[96106] in North American Network Operators' Group
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
daemon@ATHENA.MIT.EDU (Jeroen Massar)
Mon Apr 16 22:56:33 2007
Date: Tue, 17 Apr 2007 03:55:32 +0100
From: Jeroen Massar <jeroen@unfix.org>
To: Stephen Sprunk <stephen@sprunk.org>
Cc: "Chris L. Morrow" <christopher.morrow@verizonbusiness.com>,
Paul Vixie <paul@vix.com>,
North American Noise and Off-topic Gripes <nanog@merit.edu>
In-Reply-To: <029101c78098$46c9e7d0$6401a8c0@atlanta.polycom.com>
Errors-To: owner-nanog@merit.edu
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigBDCB618FA72D1DF2F61233A6
Content-Type: text/plain; charset=ISO-8859-2
Content-Transfer-Encoding: quoted-printable
Stephen Sprunk wrote:
>=20
> Thus spake "Jeroen Massar" <jeroen@unfix.org>
>> But for the rest it all seems pretty fine to me...
>>
>> or do you mean that those ibahn things see "NOERROR" and
>> then no answers, thus wrongly cache that as label has 0 answers
>> at all? or what I mention above with the redirect?
>=20
> They do the same thing for requests that don't involve a CNAME, so
> they're either choking on the AAAA query or a NOERROR response in
> general; it's hard to tell which since I can only see one side of their=
> box. I also don't know how they react when you try to contact a site
> that _does_ have AAAA records, since no major content site has them
> (which is a whole 'nother discussion).
Wellps, we have www.ipv6experiment.com of course where the actual
content site soon will point to 2001:4978:0:0:0:0:B00:B1E5 :)
/me wonders how many spam/corpfirewalls etc will like that sentence, but
hotels won't have much of an issue with that I guess, it's one of the
reasons for their existence...
> What's weird is that they don't just return a 0-record NOERROR when you=
> do the follow-up A query, which would be the most logical failure mode
> -- they return an authoritative answer of 0.0.0.1 instead.
Ick. These folks really need a clue batting don't they?
> Of course, dealing with idiot consumers on a regular basis, their tech
> support folks insist the problem is on the user's machine and that it's=
> a bug in their v6 stack, despite Ethereal captures showing the bad DNS
> response packets coming from their box...
Argh, I can sort-of understand their way of handling it, but still, they
should have fixed this by now, and their clear broken DNS is simply a
real reason to avoid those hotels at all.
Can somebody please sponsor a trip to any of these hotels for either two
or both of the Pauls, that is Mockapetris or Vixie, and let THEM call
techsupport on this!? :) At least the "eh dude, I kinda like (invented
DNS|coded BIND) and I really do think I sort of know what I am talking
about" discussion would be worth a "extremely priceless" rating and a
good laugh for the coming years for most of the Ops community :)
Remember kids: never leave home without a well known IP address where
all kinds of obvious ports run your favorite tunneling mechanism :)
[443 seems to be very popular for that nowadays it seems...]
Long live tunnels and own infra!
Greets,
Jeroen
--
Have broken DNS =3D $10
Room for a Paul =3D $500
Letting Paul expain DNS problem to L1 "Tech" =3D Priceless
--------------enigBDCB618FA72D1DF2F61233A6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Jeroen Massar / http://unfix.org/~jeroen/
iHQEARECADUFAkYkNyQuFIAAAAAAFQAQcGthLWFkZHJlc3NAZ251cGcub3JnamVy
b2VuQHVuZml4Lm9yZwAKCRApqihSMz58I2IiAKCnEgGJqUUx7JypE+25Jn2YG8xG
hwCVFhkOAQy9dZNwHaDq9gGPNoEeDg==
=ALqN
-----END PGP SIGNATURE-----
--------------enigBDCB618FA72D1DF2F61233A6--
