Penguin

For IPv6 there are two types of DNS ResourceRecord, AAAA and A6.

AAAA is the simple one -- it works just like an A record in IPv4, but with more bits.

A6 supports fragments of IPv6 addresses. You can say example.com has the fragment 2002:c000:0201, engineering.example.com has "the example.com fragment" + :0001, and foo.engineering.example.com has "the engineering prefix" + :0000:0000:0000:0001. This means that when example.com renumbers, they change just the one ResourceRecord for example.com and all of their machines have been renumbered.

Some people complain that A6 is too complicated, and prone to problems:

  • What is the TTL on the response if the fragments all have different lifetimes?
  • What's the status of it if some of the entries (but not all of them) are signed with DNSSEC?
  • What protection is there against DoS?

The A6 people say that it's necessary for networks that regularly change IP address (eg: networks that use a dynamic 6to4 address).

A6 in general is the newer standard, and AAAA is the older standard, however, there doesn't yet appear to be much momentum for A6 support.


CategoryDns