If the IPv4 answer is 127.0.53.53 then what is the IPv6 answer? - While trivial; the lack of IPv6 support is something to consider
At first I was thinking that a simplistic response of “Hey... why is there no v6 in this recommendation” was easy to state and walk away from. After a day or two, I realized that this is actually a real issue. 1) The simplistic original thought was: Why is ICANN promoting a v4 only solution by defining 127.0.53.53 and yet not defining an equivalent v6 address? Isn’t ICANN a pro-v6 entity? (Yes it is). 2) The v4 choice of 127.0.53.53 is very hard to replicate within v6 as the loopback was defined as ::1/128 (RFC2373). There is no room within that subnet for an additional address. 3) If you accept 127.0.53.53 as the method going forward to solve this solution; then which registry function under IANA keeps track of the “53.53” usage (what if some future http protocol design wants to use 80.80? etc etc). 4) Given that there is going to be a non-trivial number of IPv6-only devices in the field and hence a v4-only response is equivalent to a NXDOMAIN response. If the endpoint implements 464XLAT (RFC6877) then the 127.0.53.53 response creates far more traffic than intended, potentially with a DDoS result. As I said; these were trivial thoughts. Since that time (and after reading Aaron Beck & Jason Fesler’s comments about Linux routing and more; I’ve come to my own thoughts that this is an absolute hack of the worse kind. The v6 issues are in fact unimportant as this should not even exist within the v4 world. Why do I think this? While I now believe I understand the name collision issues addressed by SSAC, I simply can’t get my hear around coding into numerous end-point software subsystems the “127.0.53.53” address. The precedence set by this is non-trivial and this act could potentially open up the 127.*.*.* block (and its lack of v6 equivalent block) to all manner of “solutions” to real or artificial problems. While I highly respect the team that thought this solution up; I also respectfully state that it’s just not passing the “smell test”. Alas I know I'm failing because I can’t bring to the table an alternate solution. Please accept these comments as a true concerns and maybe use the lack-of-IPv6 to rethink the solution. Yours, Martin Martin J. Levy Network Strategy CloudFlare, Inc.