Skip to main content

SAC 018 | Accommodating IP Version 6 Address Resource Records for the Root of the Domain Name System

[PDF, 413 KB]

This Report, issued jointly by the SSAC and RSSAC, examines the inclusion of

IPv6 addresses at the root level of the DNS, focusing on (1) the impact of including IPv6 addresses of root name servers in the configuration file commonly known as the "root hints", a file that recursive name servers initially rely on to provide recursive name service, and (2) the impact of including IPv6 addresses of root name servers in the response messages for a DNS protocol exchange ("priming") that operators use to ensure that a recursive name server always starts operation with the most up-to-date list of root name servers.

With respect to (1). including IPv6 addresses of root name servers in the root hints file will have little affect on deployed recursive name server implementations. Specifically, the RSSAC and SSAC find that the existing procedures for publishing root hints are adequate to support the addition of

IPv6 addresses of root name servers in the files made available at

With respect to (2), a number of resolvers commonly used in production networks today were tested and demonstrated capable of accepting IPv6 address records returned in response to type NS queries by TLD name servers without incident. Moreover, intermediate systems commonly used in production networks today allow DNS messages containing IPv6 addresses to pass without incident (either as a default policy or by user configuration).

The results of these tests are published companion documents SAC 016, Testing Firewalls for IPv6 and EDNS0 Support, and SAC 017, Testing Recursive Name Servers for IPv6 and EDNS0 Support.

The committees also found that DNS implementations used by all thirteen root name server operators are capable of including IPv6 records.

On the basis of the above findings, the committees conclude that adding IPv6 records for the root servers to both the hints file and the zone will have minimal impact on name server implementations and intermediate systems used in production networks.

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."