Feature Overview (aka. Goal Summary)  

Provide the ability to respond properly to IPv6 queries in a non-IPv6 environment using a template plug-in, which enables customized CoreDNS responses. 

Goals (aka. expected user outcomes)

• Reduce the delays associated with and total number of DNS server query nxerrors/nodata offenders resulting from IPv6 queries in a non-IPv6 environment.

Requirements (aka. Acceptance Criteria):

Anyone reviewing this Feature needs to know which deployment configurations that the Feature will apply to (or not) once it's been completed.  Describe specific needs (or indicate N/A) for each of the following deployment scenarios. For specific configurations that are out-of-scope for a given release, ensure you provide the OCPSTRAT (for the future to be supported configuration) as well.

Questions to Answer (Optional):

Out of Scope

Background

Any DNS query in OpenShift is triggered against both IPv4 and IPv6 due to the behavior of glibc.  In large customer environments, this can result in millions of queries to the DNS infrastructure per day with with an nxerrors/nodata result. 

Why there are both IPv4 and IPv6 lookups, are how they are typically disabled in RHEL in one of several ways, is described here. 

The correct behavior is to return NOERROR for AAAA requests with no answers, and NOERROR with answers for A queries. 

Customer Considerations

• The customer simply needs to reduce the delay and number of total DNS server queries resulting from IPv6 queries in a non-IPv6 environment.

Documentation Considerations

• This capability needs to be heavily caveated in product documentation to articulate the risks and provide an explanation that – if a customer requires this option to solve their problem - they should probably consider other options, first.