On Mon, Apr 11, 2016 at 5:56 PM, Ricky Beam <jfbeam@gmail.com> wrote:
On Sun, 10 Apr 2016 20:09:04 -0400, Rubens Kuhl <rubensk@gmail.com> wrote:
If your users are seeing captchas, one or a few or them are likely to be infected to the point of generating too much requests to Google.
If that were the case, they'd be seeing the same via IPv4. And apparently, they aren't.
Nope. If you have both A and AAAA IP addresses in DNS responses and have both IPv4 and IPv6 connectivity, IPv6 will be preferred, with even a bit of latency handicap favoring IPv6 in current Happy Eyeballs implementations. Remember that the symptom is not unresponsive website, but an answer with an inconvenience (the captcha), so the browser and the network stack won't deem it as IPv6 load failure.
This also points out the problems with *ASSUMING* you know the size of someone's netblock. If you think "/64", then you'd be wrong. Just as wrong as assuming all IPv4 is "/24". And on the same side of that coin is the over-reaching "block all of Asia" blacklist. Sure, that'll kill a heap of nonsense, but if you actually have business in Asia...
(Yes, *I* banish APNIC. "works for me", not recommended for others.)
One known issue in both APNIC and LACNIC regions is that some addresses are indeed countries instead of single networks, due to NIRs (National Internet Registries). Rubens