> Because of foot surgery, I have to wear special inserts to my shoes.
> It would be good if all the shoes would have the insert so that I
> wouldn't have to remove and insert them each time I change shoes.
> But building in the support I need to the shoes means that others
> then can't use my shoes.

The hospital that does surgery on my foot probably gives me those inserts as well. The network that messes my DNS should also give me the assistance required to manage. There is no intent to confuse those single-homed hosts walking by the surgery room in ignorance, they just ignore the inserts they see waiting on the desk.

> Infrastructure shouldn't try to cover up for host or application
> specific issues.

Infrastructure shouldn't mess with host or applications either :)

> > From 10000 feet view some DNS servers have information others do not. Isn't
> > that enough of high level definition of split-DNS?
>
> I wouldn't buy that definition. In some cases, it's different
> information - the address for some name may be in both splits but be
> different.

Different information as I said. Also in that case the host should be pointed to ask from correct name server. E.g. corporation deploying split-DNS might want to configure hosts running their VPN clients to send DNS questions relating to "*.corporate.com" to DNS servers running behind VPN. That way they would learn the internal names, and communicate with the servers over the VPN. Randomly picking a DNS server might lead host to learn the external address, and hence contact to wrong destination (provided split tunnel is allowed).

> It is a mistake for any application to know that there are multiple
> DNS servers available, leave it to the DNS protocol to handle that.
> The reason for multiple servers is resilience, based on the reliance
> on UDP, and not for "feature shopping."

Where does DNS protocol start? The application should remain clueless for sure, but once interface agnostic app calls gethostbyname() on multi-homed host, it would be good if the answer would be the desired one. The core DNS protocol is unable to handle split-DNS..

> There are more reasons than just the two, independent of multi-homed
> devices. My theme is that this is a multi-homed device problem, not
> a DNS problem.

It is not a DNS protocol problem I agree. But from host point of view it is "network" originated (configuration?) problem, the "network" ought to sort out.

Best regards,

Teemu
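
Added example, not part of the original message: a sketch of the per-domain server selection described above, where names under "corporate.com" go only to the resolver behind the VPN. The rule table, the function names and the documentation-range addresses are assumptions made for illustration, as is the choice to fail a lookup rather than fall back to the access network's resolver.

```python
"""Per-domain DNS server selection on a multi-homed host (constructed example)."""

# Constructed sample configuration: DNS suffix -> resolvers for that suffix.
# Addresses are documentation-range placeholders, not values from the thread.
RULES = {
    "corporate.com": ["192.0.2.53"],       # resolver reachable only over the VPN
    "lab.corporate.com": ["192.0.2.54"],   # more specific split inside the VPN
}
DEFAULT_RESOLVERS = ["198.51.100.53"]      # resolver learned from the access network


def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()


def select_resolvers(qname, rules=RULES, default=DEFAULT_RESOLVERS):
    """Return (matched_suffix, resolvers) by longest suffix match on whole labels.

    Matching on label boundaries keeps "notcorporate.com" and
    "corporate.com.example.net" out of the internal split.
    """
    labels = normalize(qname).split(".")
    # Try the full name first, then strip one leading label at a time,
    # so the most specific configured suffix wins.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in rules:
            return candidate, rules[candidate]
    return None, default


def resolvers_for(qname, reachable, rules=RULES, default=DEFAULT_RESOLVERS):
    """Return the resolvers to query, given the set of currently reachable ones.

    Assumption: a name that matches an internal suffix never falls back to the
    default resolver. An empty list means "fail the lookup", which avoids
    learning the external address and leaking the internal name when the VPN
    is down.
    """
    _suffix, servers = select_resolvers(qname, rules, default)
    return [s for s in servers if s in reachable]
```
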
