[6bone] recursive DNS servers?

[David Carmean]

On Tue, Oct 22, 2002 at 08:55:25PM -0400, John Klos wrote:
> Hi,
> 
> > I would suggest using the "Block images from this server" option in
> > mozilla on such sites. It's really just a work around until doubleclick
> > figures out how much the IPv6 community needs to see their ads.
> 
> I simply added my own zone for doubleclick and for a few other nasty ad
> servers. At first I used my main web server's IP address, but sometimes
> people would get the whole page updated with the Apache error message, so
> I changed the IP address they all point to to 127.0.0.1. Instant time-out
> and no full page errors.

I can do this for my personal (home DSL/work desktop) nameservers,
but it's probably not appropriate for me to do so on my production
nameservers, especially since one of my employer's products is a web
cache and we're integrating and testing IPv6 code.

I hacked up a perl script to test public (authoritative) nameserver
behavior w.r.t. A vs. AAAA queries over IPv4.  Extracting hostnames
from our production HTTP cache logs, for an 80-minute period, I found
the following:

Of 7,131 unique hostnames, for which I queried 6,808 unique listed
nameservers,

    Queries for 36 of those hostnames produced valid A responses but
    had timeouts for AAAA.  Only about 1/4 of those seem to be dedicated
    spam^W ad/banner servers, but they have more "weight" due to their 
    usage pattern.

    23 queries resulted in a NOERROR reponse for A, but NXDOMAIN for AAAA.

    17 queries resulted in a valid response for A, but SERVFAIL for AAAA.

    1 query resulted in a NOERROR reponse for A, but NOTIMP for
    AAAA. (That server also answers NOTIMP for CH TXT version.bind query.)

Maybe it's time to hack a "match-query-type" option into BIND 9's 
"view" concept?  :o)