Home / Blogs

The Christmas Goat and IPv6 (Year 3)

Don't miss a thing – sign up for CircleID Weekly Wrap newsletter delivered to your inbox once a week.
Torbjörn Eklöv

Christmas Goat – A pretty picture of the Christmas goat from the night before it was burnt down (top) and the early morning photo after it was burnt down (below). Image source: www.merjuligavle.seAs Christmas were getting closer, the third time of load balancing the streaming pictures of the famous Christmas goat in the city of Gävle, Sweden, was on the agenda. My goal with this activity is the same as before, to track the use of IPv6 and DNSSEC validation. The results from the last two years are published on CircleID: 2010 and 2011

A somewhat odd and long tradition in Gävle is to burn the poor Christmas goat down. Not in any official way I might add, more often as a result of bad behavior from some youngsters on their way home from a late night on the town. This obscure activity has ironically made the Christmas goat more famous, even on an international scale.

This year the Christmas goat was standing for 10 days before it was burnt down.

So how did we do this? Below is a brief description:

At the time of the premier of the 2012 Christmas Goat the following was set up:

http://www.julbockmedipv6ochdnssec.se/kamera1 (may not be active)

In order to:

• Track native IPv6 with a RR with A and AAAA.
• Track those who can run IPv6 native or tunneled.
• Track validating DNS-resolvers with a domain that has a faulty DNSSEC.

The result was quite surprising. The use of native IPv6 had not increased as much as I expected. Tunneling with 6to4 and Teredo was very low and the DNSSEC validation was almost half.

When I first counted the use of native IPv6 for 2012 I only reached a figure of 0.7%, compared to 0.5% last year. This made me curious, and I had to investigate some more. It turned out that from the total of more than 62,000 unique IP-addresses visiting the page, the 50 top talkers represented more than 50% of the hits. Not any of these 50 top talkers were using native IPv6. If I removed the top talkers, the figure for native IPv6 increased to 1.4%.

The use of IPv6 with native, 6to4 and Teredo was 11%, compared to 52% last year. DNSSEC validation came in at 32%, compared to 72% for 2011.

Is there any explanation to that reduction? Well, I don't know really. For the previous years I cannot find that many top talkers. Also I can't see any pattern in home and enterprise users. So my conclusion as of last year, that I only need a few days of data to get quite an accurate reading of the percentage, now seems to be completely wrong. Even the sun… :)


Another way of looking at it is that if we discard 2011, and just compare native IPv6 in 2010 and 2012, we can see a fourteen times increase. And that makes me happy! I don't need much to be happy. :)

Unfortunately my logs don't show me any hints on why DNSSEC, 6to4 and teredo are reduced. For now, I will however not let these things disturb my Christmas holiday. Instead I will await the data from next Christmas and hope that our famous Christmas goat then will stand all the way past Christmas!

Merry Christmas and A Happy New Year to you all!

By Torbjörn Eklöv, CTO, Senior Network Architect, DNSSEC/IPv6

Related topics: DNS Security, IPv6



To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Sponsored Topics

Promoted Posts

Now Is the Time for .eco

.eco launches globally at 16:00 UTC on April 25, 2017, when domains will be available on a first-come, first-serve basis. .eco is for businesses, non-profits and people committed to positive change for the planet. See list of registrars offering .eco more»

Boston Ivy Gets Competitive With Its TLDs, Offers Registrars New Wholesale Pricing

With a mission to make its top-level domains available to the broadest market possible, Boston Ivy has permanently reduced its registration, renewal and transfer prices for .Broker, .Forex, .Markets and .Trading. more»

Industry Updates – Sponsored Posts

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Is Your TLD Threat Mitigation Strategy up to Scratch?

Computerworld Names Afilias' Ram Mohan a Premier 100 Technology Leader

Introducing the Verisign DNS Firewall

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider

What's in Your Attack Surface?

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

The Latest Internet Plague: Random Subdomain Attacks

Nominum Announces Future Ready DNS

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

Introducing getdns: a Modern, Extensible, Open Source API for the DNS

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Motivated to Solve Problems at Verisign

Diversity, Openness and vBSDcon 2013

Neustar's Proposal for New gTLD Collision Risk Mitigation

Dyn Adds Chris Griffiths As New VP of Labs

DotConnectAfrica Registry Services Participates in ICANN DNSSEC Training at AFRALTI Nairobi