Impact on removing IPV6 DNS Server from client terminals when Dual-stack is enabled

Mark Andrews marka at isc.org
Mon Mar 1 06:27:55 UTC 2021


> On 1 Mar 2021, at 16:00, Duleep Thilakarathne <dchandimal at gmail.com> wrote:
> 
> Hi,
> 
> This is not an issue but just to get ideas from experienced bind resources. Please ignore this question, if it is out of the scope of this mailing thread. 
> 
> Significant number of DNS requests can be observed when dual-stack enabled and send both IPV4 and IPV6 DNS server addresses to clients through DHCP or similar. 
> 
> 
> According to RCF 4472,
> 
> "Note that even though IPv6 DNS resolver discovery is a recommended
>    procedure, it is not required for dual-stack nodes in dual-stack
>    networks as IPv6 DNS records can be queried over IPv4 as well as
>    IPv6.  Obviously, nodes that are meant to function without manual
>    configuration in IPv6-only networks must implement the DNS resolver 
> 
>    discovery function." 
> 
> client DNS request possibilities  as follows per domain. (client browser/Application may send all or selected queries in parallel with short time difference)
> 
> 1. A record requests to primary ipv4 dns server
> 2. A record request to secondary ipv4 dns
> 3. AAAA record requests to primary ipv4 dns server
> 4. AAAA record request to secondary ipv4 dns
> 5. A record requests to primary ipv6 dns server
> 6. A record request to secondary ipv6 dns
> 7. AAAA to primary ipv6 dns server
> 8. AAAA to secondary ipv6 dns server
> 
> What will happen,  if IPV6 DNS server addresses  are removed from DHCP or similar assignment in dual-stack scenario and only keep IPV4 DNS servers. I guess this will reduce load to DNS servers as well as SP networks. Are there any practical limitations ?. Is it mandatory to send both IPV4 and IPV6 DNS server addresses in a dual-stack scenario. 

Really I wouldn’t worry about it. Your primary and secondary servers are
likely to be dual stacked so the extra queries will be absorbed there.
Additionally, especially if you have BYOD, you have no control over machines
that are configured for IPv6-only.  Yes, there are plenty of IPv6-only networks
today.  On top of that you can have DHCP failures where RA continues to
work.  Why cause machines to break unnecessarily when that happens?

> Regards
> DT
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org



More information about the bind-users mailing list