In 2018, in my article Phasing out IPv6 transition technologies, I brought information about the current development and use of Teredo and 6to4 technologies. In conclusion, I informed that Teredo prefix 2001::/32 is no longer promoted to foreign upstreams, but only within NIX.CZ and NIX.SK peering nodes, where global peers are active as well, so we did not limit the 6to4 technology due to certain traffic from abroad. In this blogpost, I will explain why we now want to turn off these two technologies.
Recently, two entities have asked us to help them host their DNS zones and in both cases, we were happy to oblige. One of them was the Czech neutral peering node NIX.CZ, with which we often share technical know-how and help each other when it makes sense. The other one was the domain register of Guatemala operating the .gt ccTLD, which we humored as part of our long-term support of developing registers, like we have done the case with the registers of Angola, Malawi, Tanzania or North Macedonia.
At the beginning of 2017, we started working on a project of augmenting infrastructure of authoritative DNS servers that keep the .CZ domain running. Our main motivation was to increase the resiliency of the DNS infrastructure against DDoS attacks – the risk that is constantly growing. The basic building unit of the new DNS infrastructure is the so-called “DNS stack”.
In mid-February we informed about Reducing TTL in the .cz zone by one hour. Then, at a similar hour every Wednesday, we reduced it by another hour, until on March 15, 2017 we reached the required value of 1 hour (i.e. TTL=3600).