EPISODE · Jun 5, 2026 · 56 MIN
DeLegacy: Forcing IPv6 at Scale (gpn24)
from Chaos Computer Club - recent events feed · host Mynacol
Find out how to increase the proportion of IPv6 traffic by manipulating DNS responses, and how to persuade X/Twitter and Discord to support IPv6 _(caveats apply)_. Content Delivery Networks (CDNs) generate significant traffic, and almost all of them support IPv6. However, many websites that use CDNs lack IPv6 support. But when accessed over the right IPv6 address, these websites work without issue. With targeted DNS manipulations, the number of domains with IPv6 can be increased significantly. I have developed the [DeLegacy RPZ](https://codeberg.org/IPv6-Monostack/delegacy-rpz) project to achieve this. This talk explains the underlying mechanisms and how they can be utilized for this purpose. It shows how standard DNS servers, such as BIND or Unbound, can be configured to perform this task instead of using custom code. I reveal how to use DNS [Response Policy Zones](https://wikipedia.org/wiki/Response_policy_zone), [DNAMEs](https://de.wikipedia.org/wiki/DNAME_Resource_Record), and [DNS64](https://datatracker.ietf.org/doc/rfc6147/) to implement the intended manipulations. I also present my approach to identifying and testing useful domains and IP addresses when creating new rules. Finally, I present statistics on the increased IPv6 penetration, based on the [Tranco list](https://tranco-list.eu/). Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn24/talk/HRXC7H/
What this episode covers
Find out how to increase the proportion of IPv6 traffic by manipulating DNS responses, and how to persuade X/Twitter and Discord to support IPv6 _(caveats apply)_. Content Delivery Networks (CDNs) generate significant traffic, and almost all of them support IPv6. However, many websites that use CDNs lack IPv6 support. But when accessed over the right IPv6 address, these websites work without issue. With targeted DNS manipulations, the number of domains with IPv6 can be increased significantly. I have developed the [DeLegacy RPZ](https://codeberg.org/IPv6-Monostack/delegacy-rpz) project to achieve this. This talk explains the underlying mechanisms and how they can be utilized for this purpose. It shows how standard DNS servers, such as BIND or Unbound, can be configured to perform this task instead of using custom code. I reveal how to use DNS [Response Policy Zones](https://wikipedia.org/wiki/Response_policy_zone), [DNAMEs](https://de.wikipedia.org/wiki/DNAME_Resource_Record), and [DNS64](https://datatracker.ietf.org/doc/rfc6147/) to implement the intended manipulations. I also present my approach to identifying and testing useful domains and IP addresses when creating new rules. Finally, I present statistics on the increased IPv6 penetration, based on the [Tranco list](https://tranco-list.eu/). Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn24/talk/HRXC7H/
NOW PLAYING
DeLegacy: Forcing IPv6 at Scale (gpn24)
No transcript for this episode yet
Similar Episodes
Apr 21, 2026 ·73m
Apr 18, 2026 ·95m
Apr 15, 2026 ·55m
Apr 13, 2026 ·68m
Apr 11, 2026 ·59m
Apr 9, 2026 ·66m