[CentOS-mirror] IPv6 Mirroring

Mon Aug 1 21:08:51 UTC 2011
Kevin Stange <kevin at steadfast.net>

On 08/01/2011 03:37 PM, Matt Domsch wrote:
> On Mon, Aug 01, 2011 at 02:16:30PM -0500, Kevin Stange wrote:
>> Karabir suggested we start getting together a list of steps that need
>> completion to deliver an IPv6-preferenced or IPv6-only list of mirrors
>> for IPv6-only clients using CentOS.
> FWIW, Fedora hasn't had a significant need to IPv6-preferenced of
> IPv6-only mirrors.  We do manage preference by ASN, netblocks (IPv4
> and IPv6), internet2 (and related networks) and country.  Fedora does
> have nameservers advertised on AAAA records, as well as A records.
> The inbound web proxies are reachable via both AAAA and A records, so
> MirrorManager does see a client's IPv6 or IPv4 address.
> MirrorManager replies to client requests with DNS names. Mirrors may
> themselves advertise a given name with an AAAA or A record.

The idea would be to provide DNS names we know have AAAA records to
provide better quality of service to a yum client that can't use A
records.  Otherwise, it's a lot of poking randomly at hosts until one
with AAAA is found.

It's also just a good idea at this point to at least build the mirror
infrastructure to be IPv6 capable from end to end so that an IPv6-only
client at least has a shot at finding a mirror at all.

>> - Prepare a separate monitoring system for IPv6 content to confirm that
>> mirrors are serving the content correctly over both v4 and v6.
> Right now Fedora's MM crawler runs on machines that can only speak
> IPv4.  I trust mirror admins that if they're advertising both AAAA and
> A records, that both methods are equivalent and if one works, the
> other works.  I haven't had a significant problem with this in
> practice.

I haven't seen it a lot in practice, but it happens.  Currently, admins
sometimes forget their IPv6 records when they change IPs or their
network administrator assumes no one is really using IPv6 so the IPv6
network goes down more often or breaks in a way that no one really
notices for a while.

I've also seen a few people just map an AAAA to a server and not have
the web server configured to apply the VirtualHost to the IPv6 address.

>> Thoughts?
> Are there a bunch of mirrors for whom IPv6 bandwidth is "free",
> compared to IPv4?  That's the only reason I can see going to this
> effort.  I understand that bandwidth via Internet2 would be cheaper
> than commercial links, which is why MM sends I2-capable clients to
> I2-capable servers first.  Otherwise, seems like a lot of work for not
> necessarily any gain.

My mirror is substantially cheaper if we send traffic over IPv6, but for
the most part, if you do have IPv6 and happen to hit my mirror, you will
end up preferring it anyway.  This change would actually drive more IPv6
traffic to my mirror rather than to IPv4 only mirrors, but I have no
real objection to this because the cost is very low and I like anything
that increases the IPv6 traffic numbers on the Internet for statistical

The techniques used for driving traffic to I2 could well be used for
IPv6 as well.

Kevin Stange
Chief Technology Officer
Steadfast Networks
Phone: 312-602-2689 ext. 203 | Fax: 312-602-2688 | Cell: 312-320-5867

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-mirror/attachments/20110801/d48c6458/attachment-0004.sig>