AAAA/A6 lookups
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Tue Jan 7 21:05:29 UTC 2003
>
> All,
> I was going through query logs and I notice a couple things that
> maybe one could help.
> ns1.fidelity.com is one of two name servers.
> I see 45,000 requests in a 24 hour period. Of those 45,000 requests only 500
> are A records the rest our AAAA or A6.
> So my questions are
> 1) Why so many ipv6 requests?
Because nameservers are looking up missing glue when handing out
answers and / or they are looking up the address to be able to
answer a query.
89 to 1 is not bad considering you have a 1 week TTL for the A
records and a 1 hour ttl on the negative response.
There is also a bug in some BIND 8 releases which prevents the
nameserver seeing the cached negative responses resulting in a
glue lookup on every response returned to the client.
> 2) Is there any way to black whole these requests? Like maybe creating
> false A6 records with a high TTL ?
Get yourself IPv6 connected and give the nameservers IPv6
addresses. Note you can tunnel in the IPv6 connections
over a IPv4 net if your upstream does not yet support IPv6.
> 3) Does bind , by default , make A6 queries before ipv4 requests?
BIND 9 does if the nameserver host OS is IPv6 capable (which
most are these days).
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list