Mon Nov 12 17:43:00 GMT 2018
* Phillip Hellewell:
> On Mon, Nov 12, 2018 at 4:20 AM Florian Weimer <email@example.com> wrote:
>> RFC 3484 has always been rather problematic (particularly Rule 9, which
>> we do not implement).
>> I seriously doubt that there is any benefit from address sorting. It's
>> a layering violation, and it makes renumbering harder because you now
>> need to consider the impact on address sorting. Its core assumptions
>> are also quite wrong on many networks (e.g., private addresses often
>> have less georeplication than public Internet service, so public
>> addresses are closer by).
>> In any case, I think address sorting should be performed by the caching
>> DNS resolver, not the stub resolver.
> An administrator of a given machine may not have any control over the
> DNS server, yet they should still be able to control address order,
> e..g., to prefer IPv4 over IPv6 or vice-versa.
If you can edit /etc/gai.conf, you can install Unbound or dnsmasq, too.
>> Do you have a setup that actually relies on address sorting? Do you
>> have any examples where DNS provides a set of addresses for a single
>> name with different labels/precedence, so that sorting the addresses
>> actually has an effect?
> Yes, this happens all the time. Look no further than google.com. It
> has both A and AAAA. As a system administrator, I should be able to
> set up my prefix policy table to prefer IPv4 over IPv6 if desired.
> That is just one example.
Do you have another example that does not involve sorting merely by
protocol? Something that you have encountered personally?
> One should be able to control address order without having to set up
> and run their own special DNS server/proxy/whatever.
To be honest, I don't see any other way to get full RFC 6724 support
because the RFC requires various things for which I do not see direct
If we disable or limit sorting in glibc, at least you will be able to
get RFC 6724 support with a suitable NSS service module or caching DNS
More information about the Libc-help