On 09/08/2014 10:19 PM, Linda Walsh wrote:
James Knott wrote:
On 09/08/2014 04:15 PM, Linda Walsh wrote:
FWIW, what you are doing was the advice when IPv6 was introduced, but it was changed. The advice now, is to prefer an end-to-end 4-4 connection over a 4-6-6-4 as the latter introduces considerable inefficiencies and slowdowns to the net as a whole. If you really have a native 6-6, that's preferred, but a 6-6 that is really a disguised 4-4 is wasting BW.
I don't sent IPv4 over IPv6. Sorry, I can see my nomenclature was unclear. What I meant by 4-6-6-4 was having native IPv4 connectivity at each end and are using a 6-in-4 or toredo tunnel to talk from an IPv6 app (like DNS) to an IPv6 app on the other end (a ipv6 DNs resolver).. With the important detail being that you don't have native ipv6 connecting your end to the other -- instead you rely on some encapsulation over ipv4.
That's the part they said to move away from. if you have native ipv4 connectivity on each end, then use ipv4 -- only if you have a native ipv6 on both ends (that isn't tunneled over ipv4) does it make sense to use ipv6.
I run IPv6 so that I can connect to devices behind my firewall without running a VPN or worrying about port forwarding. My firewall is configured to pass only IMAPS and SSH. Regardless, this has nothing to do with the problem in that for some reason that firewall computer is not skipping past unreachable DNS servers. I just tried an experiment with my notebook computer, which gets the DNS server addresses via DHCP (IPv4 only). I then changed the address of the first one and watched what happened. It quickly skipped over the bogus server and then went to the 2nd address, which worked as expected. For some reason, with the firewall computer, I don't even see any attempts, when watching with Wireshark. So, we're back to the question of why something that has worked well for 4 years now fails. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org