Hacker News new | past | comments | ask | show | jobs | submit login
[flagged] Asking for help: Please encourage Microsoft to add AAAA records for artefacts
36 points by BartjeD on Oct 1, 2022 | hide | past | favorite | 15 comments
Hi,

I'm a solo dev and for a while I've been trying to get Microsoft to add AAAA records to their artefact repositories.

Request: Please post a request / encouragement for microsoft to finally get this done at: https://github.com/dotnet/core/issues/7435

Context: I'd like to be able to use IP v6 only servers to collect artefacts and do builds etc..

It seems ludicrous to me that this still isn't supported. Given that IP v4 is increasingly scarce and that some countries are even starting to phase it out entirely.

Why not take the time to add a few AAAA records? This should be simple?

Alternatively: Does anyone have a better approach for a lone dev to accomplish this? Without relying on Microsoft to take action?




See also: https://news.ycombinator.com/item?id=31331228 It's been almost 4 months since my last attempt to get this done. And then 6 months before that, it's almost more than a year now.


https://feedback.azure.com/d365community/

This is where I've been directed to offer feedback. Higher votes get attention, that's the idea. I've had Microsoft account reps for previous company's enterprise agreements direct me there so I assume they watch it.


Whenever a msft PM encourages me to post on github/feedback/whatever I know there's a 99.9% chance that its going to be posted, get a few upvotes, and then be closed in 2 years when they change platforms again.


"Beep boop, I'm a bot. This issue hasn't received any attention in 6 months."

Issue closed as completed.

Elsewhere, at Microsoft: "Our team has closed 16,000 issues this quarter, up from 10,000." "Great! Here's a bonus!"


"When a measure becomes a target, it ceases to be a good measure"

D:


Not only a record, the record needs to point to a ipv6 also. If that is missing it is not as trivial as you make it.


An ipv6 address shouldn't be a problem either.


> This should be simple?

It's simple to add a record to the DNS, but either you have separate IPv6-only machines serving the IPv6 requests or you run dual-stack, which in my experience is non-trivial due to IPv4 protocol interactions.

In addition there is likely routing and firewalls to consider.

So not just as simple as adding a record to the DNS. Not that it should be terribly hard for an org like Microsoft, just saying.


What IPv4 protocol interactions? That is odd.


Early morning here so I don't recall them all, but the latest one I ran across was ULA addresses not being used[1] in dual-stack configurations due to IPv4 being preferred[2].

[1]: https://blog.ipspace.net/2022/05/ipv6-ula-made-useless.html

[2]: https://datatracker.ietf.org/doc/html/draft-buraglio-v6ops-u...


It's probably not as easy as you think depending on how their load balancing infrastructure is set up.

They can set up anycast and all kinds of load balancing but their software needs to be able to deal with IPv6: for example, for IPv6 you (probably) need /48 or /56 rate limiting* rather than just a single IP. Their logging infrastructure and SIEM setup also needs to be able to deal with all that.

Now, Microsoft (and friends, like Github) had decades to get this stuff working but they've managed to break IPv6 on Azure in some kind of super spectacular fashion like only Microsoft can, and I assume they use Azure to run their own services.

A quick workaround (setting up a proxy) shouldn't take more than a month to implement, but it would be like a completely separate part of infrastructure to manage while the real solution (getting their shit in order) is being resolved.

Microsoft needs to get their shit together but it's not as easy as just adding a DNS record. They'd need to set up distributed addressing across their infra to get it working and depending on how stupid their original infra design was, that could be a huge problem.

*=some incompetent web hosts assign /128s or /120s to their servers, which will be impacted by this rate limit, but that's only more incentive foe those incompetent hosts to not abuse IPv6 address space and use it as intended.


It's probably not as simple as you think it is.


I don't understand "it's not that simple" in this context.

Is ipv6 a new problem? Is MS a one-person volunteer diy project? Is MS is some other buisiness and not expected to have good IT because they are cheese makers?

If the job is so hard that it takes 20 years and billions of dollars and really only an IT company has the domain specific knowledge to do it, ok well, and?


What is the opposite of simple? Should be simple.


At my previous job, we had a whole infrastructure which was IPv6 only (a dozen k8s clusters). Everything worked really well (though I had to make some PRs on projects to make them v6-compatible). However, we still needed a NAT64/DNS64 infrastructure because some external services were still v4-only (docker registry for example).




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: