During yesterday's discussion on DNS discovery we somehow jumped the gun a bit quickly and moved to solution space without really understanding the requirements. Let me step back a little and try to reverse engineer those!
A) Rob, in his introduction, pointed at a number a functions a node could
do when we talk about DNS autoconfiguration. Basically those are:
1- finding a recursive name server
2- finding a search list
3- updating the forward DNS tree
4- updating the reverse DNS tree
5- finding a NTP source for DNSsec signature verification
From this list, it seems to me that 1- is critical, 5- is important
and we could leave without 2, 3, and 5, at least for now.
Those are important (except maybe 2) but can be taken care of separately.
However, it is not clear to me that 1- and 5- need to be addressed by the same
mechanism. That is, if there is already a mechanism to broadcast NTP
timestamp on the local network, this may be a good enough solution.
B) The second major element to study is the desired/required mode of operation.
This autoconfiguration is happening mostly at boot time. I'm a bit concerned
about the effects of self synchronization in the network and what happen
when a very large flat L2 network power cycle.
In IPv6 neighbor discovery, there is provision for that, with unsolicited router advertisements
that are multicast to all nodes on the link.
If we think that DNS discovery (for lack of a better term) is a critical part of stateless autoconfiguration,
it may makes sense for it to have the same properties as the rest of the story, e.g. prefix discovery.
C) A third element in this discussion is the compatibility with the IPv4 model.
I agree it is highly desirable to have the same conceptual _administration_ model in IPv6, that
is the information is configured by the network manager in a centralized repository and it
then gets propagated to the nodes. This can actually be achieved regardless of the
format of the bit pattern on the wire.
- Alain.
#---------------------------------------------------------------------- # To unsubscribe, send a message to <[EMAIL PROTECTED]>.
