I was looking at IPv6 deployment and decided to test my Domain using the following tool
I then decided to plug google, facebook, and cisco in. The results are a little disappointing
While google and facebook both touted how they were leaving IPv6 on, (and indeed they still are accessible via IPv6), I note that none of the 3 have IPv6 capable nameservers.
Clearly we still have a long way to go before we are ready for IPv6 only deployment :(
It is a bit disappointing indeed. But I don't think v4 only authoritative DNS servers is going to be slowing down IPv6 adoption. And once IPv6 adoption hits the 50% mark I am sure those authoritative DNS servers will be dual stack.
There are other things to be much more disappointed with. For example YouTube (https://www.tunnelbroker.net/forums/index.php?topic=2562) is notoriously unreliable for clients with IPv6 access. Also there are ISPs that are deploying NAT444 without giving their customers any way to access IPv6 backbone. On a related note, I have written down my thoughts (http://kasperd.net/~kasperd/transition) on why I consider the current state of the deployment to be 13 years behind schedule.
As for those authoritative DNS servers, I am pretty sure the reason they are still v4 only is due to some problem with geolocation. If they receive A queries over IPv6, they may have a very hard time figuring out, which IPv4 frontend IP is closest to the user. But that is a problem they have to solve. Some day they'll be receiving more AAAA queries than A queries, and at that time, I don't believe there'll be any incentive left to have v4 only authoritative DNS servers.
Meanwhile IPv6 only clients still have access to IPv4 backbone through some sort of NAT. And contacting authoritative DNS servers is one of those things, that will have very little problems going through a NAT. I am wondering about NAT64 deployments. Are DNS recursors intelligent enough to contact authoritative servers through NAT64, if they have been configured with NAT64 support, or can they only use the NAT64 settings to convert the results passed on to the clients?
It is a bit ironical that so much effort has been put into squeezing entropy out of DNS queries. The 16 bit ID obviously didn't have enough, and combined with a 16 bit port number it is usually considered a poor implementation if you can't get at least 30 bits of effective entropy out of that. Plus even that is not considered enough, you want more entropy, so effort has been put into utilizing case insensitivity in the domain names to squeeze one more bit of entropy out from every letter in the name being resolved. So much effort to get to maybe 40 bits of entropy - total. But if communication between DNS recursor and authoritative DNS server was IPv6, you have a really low hanging fruit with 64 bits of entropy. Just route a /64 to the DNS recursor and let it choose a random address in that range for each DNS lookup. So much effort to go from 16 to 40 bits of entropy, but for those lookups where you can have another 64 bits for free, they don't want it.