From owner-freebsd-stable@FreeBSD.ORG Mon Sep 17 19:47:27 2007 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7884C16A473 for ; Mon, 17 Sep 2007 19:47:27 +0000 (UTC) (envelope-from netslists@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.235]) by mx1.freebsd.org (Postfix) with ESMTP id 471F513C45B for ; Mon, 17 Sep 2007 19:47:27 +0000 (UTC) (envelope-from netslists@gmail.com) Received: by wx-out-0506.google.com with SMTP id i29so1229576wxd for ; Mon, 17 Sep 2007 12:47:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; bh=nIGRLqsi87vaHSUDSM3F6pRWcxXqTVovpqsqJbhbuFI=; b=lIGb5xKxYrS/S1abLc7mD9PnQTBM8Tu121IxlJdlu+l7SyFCwYlTrHI6yiFERa7XUI3eNPpCGx5+26I30SLxfzQs5cMOhhU0BH8lmKhIXlx0xKkxDyNtpf24b415KeYJrw48rGJhjlm1+4YJejq3t1Z9QIMTxn1IjkNXVT1e4a8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=seooWNTYb4OqmUGgovX/uR9w84VNeFpbJPvEJmSKM2ERBGFxwTRLTrvRDJuQhQCNEp7o5MSwkzQCQTLGrTq3ChUE+FNHt7yp6XS9hRUeyDuZcEzkX8t+wVxT06M0adxRO+4qBw06/1rMVs7igz1w2sXDZukemowAgxSZUqgUpa8= Received: by 10.142.102.5 with SMTP id z5mr1158223wfb.1190056775968; Mon, 17 Sep 2007 12:19:35 -0700 (PDT) Received: from ?192.168.17.8? ( [91.135.49.237]) by mx.google.com with ESMTPS id 3sm562697wrs.2007.09.17.12.19.34 (version=SSLv3 cipher=RC4-MD5); Mon, 17 Sep 2007 12:19:35 -0700 (PDT) Message-ID: <46EED342.8080704@gmail.com> Date: Mon, 17 Sep 2007 21:19:30 +0200 From: Sten Daniel Soersdal User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: Pete French References: In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-stable@freebsd.org Subject: Re: BIND 9.3.1 - How to get rid of AAAA querys? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Sep 2007 19:47:27 -0000 Pete French wrote: >> I have been running IPv6 on all of my FreeBSD work systems for >> years. All of my mail (including this message) are sent/received by IPv6 >> and I have not had any problems, but I am on a network that is fully >> IPv6 enabled, so no tunnels are involved. > > That's good to know. I have one box on the live internet (mail.twisted.org.uk) > which is runnign 6.2-STABLE and using 6to4 to provide IPv6 to those whowant it. Some of our outgoing mail gets delivered over IPv6, but none of our > incomming does. However it does seem to behave itself. > >> I do know that there will be a major re-write of IPv6 support in V7 to >> integrate the KAME code into the rest of the network as KAME is not >> longer separately developed. I'm not sure how this will impact things, > > That was going to be the next point where I tested it (when V7 comes > out). My home machine works more-or-less ine using IPv6 on 6to4, > with the only problems being when ftping large files to/from twisted.org.uk > which show a random disconnect after 10-20 minutes of transfer. > > My bigger problem is trying to distribute my IPv6 address to machines > behind the single box which faces the outside world (as thats what IPv6 > is good for right ? No more NAT?). These boxes work in so far as they > can all see and ping IPv6 addresses and make and receive TCP connections. > But if, for example, I make a TCP connection to www.kame.net then I get > the first chuink of data but then a freeze for a long period of time before > the rest of the data arrives. This does not happen from the direct machine, > it sees all the data at once. > > Unfortunately that problem makes IPv6 useless for me on the inteernal network > behind the box, so it's been disabled. I am reluctant to deploy it on > work machines for the same reson. Diirectly connected boxes may work fine > but actiually trying to use IPv6 to get rid of NAT doesn't seem to work right. > > Sadly I haven't had any time to investigate further. I'm no ipv6 wiz but that sounds awfully lot like slow path mtu discovery. Perhaps you could adjust the tcp6 mss to account for the difference in mtu? On tcp (v4) it was MTU - 40 bytes but on ipv6 it could be more. If you by any chance used ms windows behind that ipv6 router then that would account for the slow reaction to the icmp packet indicating packet was too big but dont-fragment flag was set (or whatever the ipv6 equivalent is) -- Sten Daniel Soersdal