We all know that Google has been offering IPv6 services for awhile, through their Google over IPv6 (GoIPv6) program.  GoIPv6 gives you AAAA RRs for DNS queries only if the query comes from whitelisted address space, or bouncing queries off a cache in whitelisted address space.  In my mind, this is the stupidest thing ever, for a couple reasons.

One: Using other people's DNS servers breaks GSLB (a type of DNS load-balancing that attempts to use DNS to direct clients to the closest server or DC).  Most folks who use GoIPv6 use whitelisted DNS caches that are not geographically close.  This means they may get directed to a server that's close to the DNS server, but possibly far away from the client.  Another server might actually be closer.

Two: This does nothing to help fix broken networks that cause the presence of both A and AAAA RRs to result in connectivity failure.  Lots of networks out there have RAs enabled where there really isn't IPv6 connectivity, use broken HTTP proxy servers that don't handle IPv6 connections, or host broken DNS servers that blackhole AAAA queries (don't return NXDOMAIN).  The best way to get these fixed is to bite the bullet and put A and AAAA records on globally-significant sites!  If we rely on whitelisting, administrators of broken networks may never know they're broken, and nothing will get fixed.  If nobody can get to Google in the office, the network folks will fix it quickly.

Three: It doesn't help IPv6 adoption.

That being said, as of a few weeks ago there were rumors floating around the IPv6 operations mailing list that Google was going to be ditching the whitelisting and just going full-blown dual-stack with A/AAAAs.  Not sure when this will happen, but the news was encouraging.

However, I just saw this article today that seems to indicate that other big players are going to deploy IPv6 using a similar silly whitelisting method!

Content providers say they need a DNS Whitelist for IPv6 because the Internet has so many broken IPv6 links due to problematic default behavior and incompatibilities in operating systems, home gateways and customer premises equipment.

Stupid!

I have a feeling that temporary means a few years, unfortunately.  Is this progress?

New comments are currently disabled for this entry.