Subject: Re: DNS resolver address filtering
To: None <tech-net@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 08/08/2005 03:32:23
> We need a facility added to the resolver to filter the addresses it
> returns.
We do?
> I do not have IPv6 connectivity. Until I do, it is pointless for the
> apps to try any IPv6 addresses.
With you so far.
> I need a way to prevent the DNS resolver (probably with a directive
> in /etc/resolv.conf) from returning IPv6 addresses.
Why? I don't see how this follows from the preceding.
Some of my machines have no v6 connectivity either. Aside from
occasional noise messages (EHOSTUNREACH/ENETUNREACH) when trying to
connect to v6 addresses, the current semantics haven't hurt anything as
far as I can see. (They can be a problem for tools that don't try
multiple addresses - but such tools are rather broken even in a v4-only
net anyway.)
> One day, there will be IPv6-only sites.
"One day"? I spent the second half of 2002 in Norway, working for
Universitetet i Tromsų. The University arranged for a netlink to my
house - and it was v6-only. (Fully routable v6 addresses, just no v4
connectivity.) As far as I can tell, only North America thinks v6 is
still in the future.
> They will also need such a filter facility, to remove IPv4 addresses
> from the resolver response.
I can't see why, any more than I see the need you see for removing v6
addresses now.
Can you explain what I'm missing?
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse@rodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B