From andrei at ripe.net Tue Mar 14 13:42:23 2006 From: andrei at ripe.net (Andrei Robachevsky) Date: Tue, 14 Mar 2006 13:42:23 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 Message-ID: <4416BA2F.8080809@ripe.net> Dear Colleagues In August 2005, the IETF published RFC 4159: 'Deprecation of "ip6.int"', as a Best Current Practice document. The RFC noted that maintenance of "ip6.int" is no longer needed and called on the Regional Internet Registries (RIRs) to decide when to stop providing support for the domain. The RIRs have jointly agreed to do this on 1 June 2006. There will be a short presentation on this at the RIPE 52 Meeting in Istanbul. You can find more information about this meeting at: http://www.ripe.net/ripe/meetings/ripe-52/index.html Regards Andrei Robachevsky Chief Technical Officer RIPE NCC From dougb at dougbarton.us Tue Mar 14 23:46:26 2006 From: dougb at dougbarton.us (Doug Barton) Date: Tue, 14 Mar 2006 14:46:26 -0800 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <4416BA2F.8080809@ripe.net> References: <4416BA2F.8080809@ripe.net> Message-ID: <441747C2.1060506@dougbarton.us> Andrei Robachevsky wrote: > Dear Colleagues > > In August 2005, the IETF published RFC 4159: 'Deprecation of "ip6.int"', > as a Best Current Practice document. The RFC noted that maintenance of > "ip6.int" is no longer needed and called on the Regional Internet > Registries (RIRs) to decide when to stop providing support for the > domain. The RIRs have jointly agreed to do this on 1 June 2006. ... and there was much rejoicing. :) Doug -- If you're never wrong, you're not trying hard enough From bmanning at vacation.karoshi.com Wed Mar 15 05:58:52 2006 From: bmanning at vacation.karoshi.com (bmanning at vacation.karoshi.com) Date: Wed, 15 Mar 2006 04:58:52 +0000 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <441747C2.1060506@dougbarton.us> References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> Message-ID: <20060315045852.GC22897@vacation.karoshi.com.> On Tue, Mar 14, 2006 at 02:46:26PM -0800, Doug Barton wrote: > Andrei Robachevsky wrote: > > Dear Colleagues > > > > In August 2005, the IETF published RFC 4159: 'Deprecation of "ip6.int"', > > as a Best Current Practice document. The RFC noted that maintenance of > > "ip6.int" is no longer needed and called on the Regional Internet > > Registries (RIRs) to decide when to stop providing support for the > > domain. The RIRs have jointly agreed to do this on 1 June 2006. > > ... and there was much rejoicing. :) > > Doug now if the IETF & the RIRs could just get rid of all that deployed resolver code that looks for ip6.int by fiat. --bill From randy at psg.com Wed Mar 15 06:02:27 2006 From: randy at psg.com (Randy Bush) Date: Tue, 14 Mar 2006 19:02:27 -1000 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> <20060315045852.GC22897@vacation.karoshi.com.> Message-ID: <17431.40931.583365.341408@roam.psg.com> > now if the IETF & the RIRs could just get rid of all that > deployed resolver code that looks for ip6.int by fiat. actually, i think it was kazu yamamoto who just gave a good analysis of why this is really not going to cause significant issues. randy From jeroen at unfix.org Wed Mar 15 11:17:03 2006 From: jeroen at unfix.org (Jeroen Massar) Date: Wed, 15 Mar 2006 11:17:03 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <17431.40931.583365.341408@roam.psg.com> References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> <20060315045852.GC22897@vacation.karoshi.com.> <17431.40931.583365.341408@roam.psg.com> Message-ID: <1142417823.4632.58.camel@firenze.zurich.ibm.com> On Tue, 2006-03-14 at 19:02 -1000, Randy Bush wrote: > > now if the IETF & the RIRs could just get rid of all that > > deployed resolver code that looks for ip6.int by fiat. > > actually, i think it was kazu yamamoto who just gave a good > analysis of why this is really not going to cause significant > issues. I don't know what Kazu San said about it, but one of the main reasons being that the roots will from 1/6/2006 nicely return NXDOMAIN and the resolver code won't try any further. Indeed the application won't get a reverse, but hell, they should upgrade then. Too bad that the nice ip6.int private domain is going away for the people running it though. But experimentation has to end at a certain point, now lets go to production ;) Greets, Jeroen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 242 bytes Desc: This is a digitally signed message part URL: From lutz at iks-jena.de Wed Mar 15 11:22:49 2006 From: lutz at iks-jena.de (Lutz Donnerhacke) Date: Wed, 15 Mar 2006 10:22:49 +0000 (UTC) Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 References: <1142417823.4632.58.camel@firenze.zurich.ibm.com> Message-ID: * Jeroen Massar wrote: > I don't know what Kazu San said about it, but one of the main reasons > being that the roots will from 1/6/2006 nicely return NXDOMAIN and the > resolver code won't try any further. Indeed the application won't get a > reverse, but hell, they should upgrade then. Upgrading Windows 2000 to XP or Vista will not happen that fast. Ok, let's show them numbers instead of names in tracert6.exe From jeroen at unfix.org Wed Mar 15 11:40:31 2006 From: jeroen at unfix.org (Jeroen Massar) Date: Wed, 15 Mar 2006 11:40:31 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: References: <1142417823.4632.58.camel@firenze.zurich.ibm.com> Message-ID: <1142419231.4632.67.camel@firenze.zurich.ibm.com> On Wed, 2006-03-15 at 10:22 +0000, Lutz Donnerhacke wrote: > * Jeroen Massar wrote: > > I don't know what Kazu San said about it, but one of the main reasons > > being that the roots will from 1/6/2006 nicely return NXDOMAIN and the > > resolver code won't try any further. Indeed the application won't get a > > reverse, but hell, they should upgrade then. > > Upgrading Windows 2000 to XP or Vista will not happen that fast. > Ok, let's show them numbers instead of names in tracert6.exe Windows 2000 doesn't officialy support IPv6. If you have IPv6 on Win2k it is severely broken at a couple of points. Next to that, does it matter to see the numbers instead of names? It's not like you have SSH running on it or anything which requires logging. Thus what is the problem here? Only XP SP1/Win2k3/Vista and later are officially supported by M$ to have a working IPv6. Next ;) Greets, Jeroen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 242 bytes Desc: This is a digitally signed message part URL: From dwmalone at maths.tcd.ie Wed Mar 15 11:58:01 2006 From: dwmalone at maths.tcd.ie (David Malone) Date: Wed, 15 Mar 2006 10:58:01 +0000 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: Your message of "Tue, 14 Mar 2006 19:02:27 -1000." <17431.40931.583365.341408@roam.psg.com> Message-ID: <200603151058.aa52841@salmon.maths.tcd.ie> > > now if the IETF & the RIRs could just get rid of all that > > deployed resolver code that looks for ip6.int by fiat. > actually, i think it was kazu yamamoto who just gave a good > analysis of why this is really not going to cause significant > issues. The numbers of such external queries at our name server is already quite small relative to ip6.arpa: % zgrep -ich "external:.*\.ip6\.int.*PTR" /var/log/bind9-query.log* 0 2 4 5 % zgrep -ich "external:.*\.ip6\.arpa.*PTR" /var/log/bind9-query.log* 83 223 206 206 Looks like it may not be more then a few of percent. I guess there may be some clients that are fall back to ip6.int if a response is not forthcomming from ip6.arpa. David. From peter at peter-dambier.de Wed Mar 15 12:28:36 2006 From: peter at peter-dambier.de (Peter Dambier) Date: Wed, 15 Mar 2006 12:28:36 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: References: <1142417823.4632.58.camel@firenze.zurich.ibm.com> Message-ID: <4417FA64.5080208@peter-dambier.de> Lutz Donnerhacke wrote: > * Jeroen Massar wrote: > >>I don't know what Kazu San said about it, but one of the main reasons >>being that the roots will from 1/6/2006 nicely return NXDOMAIN and the >>resolver code won't try any further. Indeed the application won't get a >>reverse, but hell, they should upgrade then. > > > Upgrading Windows 2000 to XP or Vista will not happen that fast. > Ok, let's show them numbers instead of names in tracert6.exe > > You always have the option of maintaining your /etc/hosts file. Even windows has a "\somewhere\" {hosts.txt|lmhosts|lmhosts.txt} file. So "dig"out what ever you need and stuff it into /etc/hosts then your day is saved :) Bonus, you can add deprecated site-local IPv6-addresses too. -- Peter and Karin Dambier The Public-Root Consortium Graeffstrasse 14 D-64646 Heppenheim +49(6252)671-788 (Telekom) +49(179)108-3978 (O2 Genion) +49(6252)750-308 (VoIP: sipgate.de) mail: peter at peter-dambier.de mail: peter at echnaton.serveftp.com http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/ From gall at switch.ch Wed Mar 15 16:52:55 2006 From: gall at switch.ch (Alexander Gall) Date: Wed, 15 Mar 2006 16:52:55 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <20060315045852.GC22897@vacation.karoshi.com.> References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> <20060315045852.GC22897@vacation.karoshi.com.> Message-ID: <17432.14423.29503.286935@hadron.switch.ch> On Wed, 15 Mar 2006 04:58:52 +0000, bmanning at vacation.karoshi.com said: > On Tue, Mar 14, 2006 at 02:46:26PM -0800, Doug Barton wrote: >> Andrei Robachevsky wrote: >> > Dear Colleagues >> > >> > In August 2005, the IETF published RFC 4159: 'Deprecation of "ip6.int"', >> > as a Best Current Practice document. The RFC noted that maintenance of >> > "ip6.int" is no longer needed and called on the Regional Internet >> > Registries (RIRs) to decide when to stop providing support for the >> > domain. The RIRs have jointly agreed to do this on 1 June 2006. >> >> ... and there was much rejoicing. :) >> >> Doug > now if the IETF & the RIRs could just get rid of all that > deployed resolver code that looks for ip6.int by fiat. As others said in this thread, this is probably not a big issue. A bigger issue is the fact that 0.1.0.0.2.ip6.int has been broken for a long time. I asked you several times to fix this :-) Why does it matter? For example, the resolver on Solaris (at least Solaris 9 and newer) first looks in ip6.arpa. When it doesn't find a PTR there, it looks in ip6.int. All delegations for 0.1.0.0.2.ip6.int are lame and a BIND9 cache will produce timeouts for every single query in this domain. So, when you do reverse lookups for anything in 2001::/20 that doesn't have a mapping in ip6.arpa, you'll run into this timeout and there's not much you can do about it except for ugly hacks on your cache. Incidentally, this happens for one of our IPv6 upstreams, which makes traceroute a real pain. Thanks to opensolaris.org I have found an undocumented option for resolv.conf (well, at least it's not in the man page). If you add options v6revmode:single then PTR queries will be restricted to ip6.arpa. Removing ip6.int is fine, keeping broken zones is not. -- Alex From gall at switch.ch Wed Mar 15 17:22:14 2006 From: gall at switch.ch (Alexander Gall) Date: Wed, 15 Mar 2006 17:22:14 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <17432.14423.29503.286935@hadron.switch.ch> References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> <20060315045852.GC22897@vacation.karoshi.com.> <17432.14423.29503.286935@hadron.switch.ch> Message-ID: <17432.16182.815490.686146@hadron.switch.ch> On Wed, 15 Mar 2006 16:52:55 +0100, Alexander Gall said: > Thanks to opensolaris.org I have found an undocumented option for > resolv.conf (well, at least it's not in the man page). If you add > options v6revmode:single > then PTR queries will be restricted to ip6.arpa. This works on Solaris 9/10 as well, BTW. -- Alex From berni at birkenwald.de Wed Mar 15 17:27:05 2006 From: berni at birkenwald.de (Bernhard Schmidt) Date: Wed, 15 Mar 2006 17:27:05 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <17432.14423.29503.286935@hadron.switch.ch> References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> <20060315045852.GC22897@vacation.karoshi.com.> <17432.14423.29503.286935@hadron.switch.ch> Message-ID: <1142440025.31297.8.camel@schlepptop.birkenwald.intern> Alexander Gall wrote: > Removing ip6.int is fine, keeping broken zones is not. Full ACK. Most IPv6 setups I've done so far have an empty zone configured in the resolvers for ip6.int (and did not request a delegation in ip6.int for their own block), because having no reverse name immediately is much more convenient than having no reverse name after a mandatory break waiting for the various delegation errors to timeout. ip6.int hasn't been stable for years, but the situation has become nearly unbearable since the ip6.int zones are no longer maintained. Not all hosts can be configured/updated to do ip6.arpa only (Cisco routers :-) ). I'm really looking forward to get ip6.int removed forever. Regards, Bernhard From mansaxel at sunet.se Thu Mar 16 11:00:52 2006 From: mansaxel at sunet.se (=?UTF-8?Q?M=C3=A5ns_Nilsson?=) Date: Thu, 16 Mar 2006 11:00:52 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <20060315045852.GC22897@vacation.karoshi.com.> References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> <20060315045852.GC22897@vacation.karoshi.com.> Message-ID: <4D7F38AECA8C1A98BD5B9117@rasmus.kthnoc.net> --On den 15 mars 2006 04.58.52 +0000 bmanning at vacation.karoshi.com wrote: > now if the IETF & the RIRs could just get rid of all that > deployed resolver code that looks for ip6.int by fiat. IOS 12.0 will be fixed in 12.0(32)S2, and I believe that 12.1 and up are already taken care of. -- M?ns Nilsson Systems Specialist +46 70 681 7204 cell KTHNOC +46 8 790 6518 office MN1334-RIPE I'm having an EMOTIONAL OUTBURST!! But, uh, WHY is there a WAFFLE in my PAJAMA POCKET?? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 188 bytes Desc: not available URL: From dougb at dougbarton.us Thu Mar 16 20:18:34 2006 From: dougb at dougbarton.us (Doug Barton) Date: Thu, 16 Mar 2006 11:18:34 -0800 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <1142417823.4632.58.camel@firenze.zurich.ibm.com> References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> <20060315045852.GC22897@vacation.karoshi.com.> <17431.40931.583365.341408@roam.psg.com> <1142417823.4632.58.camel@firenze.zurich.ibm.com> Message-ID: <4419BA0A.6010908@dougbarton.us> Jeroen Massar wrote: > On Tue, 2006-03-14 at 19:02 -1000, Randy Bush wrote: >>> now if the IETF & the RIRs could just get rid of all that >>> deployed resolver code that looks for ip6.int by fiat. >> actually, i think it was kazu yamamoto who just gave a good >> analysis of why this is really not going to cause significant >> issues. > > I don't know what Kazu San said about it, but one of the main reasons > being that the roots will from 1/6/2006 nicely return NXDOMAIN and the > resolver code won't try any further. In the interests of pedantry, it won't be the roots that return NXDOMAIN, it will be the INT TLD name servers. The ip6.int delegation (although not the maintenance of the actual zone) is a service brought to you by your friends at ICANN. :) Also, FWIW, I agree with the general consensus that this should be pretty much a non-issue. In addition to the other sources mentioned, I know that the RIRs were doing research on this going back to at least 2004, so this decision has not been made lightly. Pulling the plug on this patient is the kindest thing for all concerned. Doug -- If you're never wrong, you're not trying hard enough From pk at DENIC.DE Thu Mar 16 20:28:25 2006 From: pk at DENIC.DE (Peter Koch) Date: Thu, 16 Mar 2006 20:28:25 +0100 Subject: [dns-wg] Deprecation of ip6.int scheduled for 1 June 2006 In-Reply-To: <4419BA0A.6010908@dougbarton.us> References: <4416BA2F.8080809@ripe.net> <441747C2.1060506@dougbarton.us> <20060315045852.GC22897@vacation.karoshi.com.> <17431.40931.583365.341408@roam.psg.com> <1142417823.4632.58.camel@firenze.zurich.ibm.com> <4419BA0A.6010908@dougbarton.us> Message-ID: <20060316192825.GF1225@unknown.office.denic.de> On Thu, Mar 16, 2006 at 11:18:34AM -0800, Doug Barton wrote: > much a non-issue. In addition to the other sources mentioned, I know that > the RIRs were doing research on this going back to at least 2004, so this > decision has not been made lightly. Pulling the plug on this patient is the > kindest thing for all concerned. agreed. However, what we do not yet know is how many queries never hit the RIR's servers because they were answered locally without ever leaving the respective site. Judging from the behaviour of the non-reverse-delegated address space, there _should_ be no surprises. -Peter