(Sorry for tweaking the subject line - mailer problems related to magic
words)

On 5/28/14, 12:15 PM, "Evan Hunt" <[email protected]> wrote:

>
>> So not to put too fine a point on it, but where is the use case for this
>> proposal?   It seems like something that is more of someone's cool hack
>> than a standard people ought to implement.   What am I missing?
>
>The first three I thought of when Dan suggested the feature:
>
>1) In the places I've worked, there have often been emails going around
>asking who's in charge of a particular machine or a particular IP address,
>that information having apparently been misplaced since the machine was
>set up or the address allocated.  In geographically dispersed
>organizations it can be particularly hard to figure this stuff out.  It
>would be nice to be able to leave breadcrumbs in the zone file and have
>them a) not get stomped on, and b) be retrievable by an administrator
>working in a colo cage somewhere by sending a suitably TSIG-signed query.
>
>2) Over the years I've had to tell a dozen or so BIND operators who'd had
>disk failures on their master servers to fetch backup zones from slaves,
>and heard sadness at the loss of comments.  (Also file ordering, but
>that's not something that NOTE can help with.)
>
>3) Status comments could be added to zones such as "signed by $version
>on $host at $date".

Notwithstanding the discussion on new RR type(s), there may be useful hacks
which achieve at least some of the desired commenting info using existing
RR types.

One type, which is guaranteed to be supported on all DNS software, is the
SOA.

Implementation details left to the hacker. Suggestions on such follow.


I realize that using this with the same owner name creates a zone cut,
and the need for parent/child NS records. Be that as it may, the SOA
provides two DNS name fields (mname and rname which can encode server
names, mailbox names, or anything <255 characters of LDH), and several
32-bit unsigned integers, which could encode integer data, unix date-time
values, or even IPv4 addresses. This may provide more than enough
"breadcrumbs".

Avoiding the in-situ zone cuts can be done by putting a parallel tree
of these SOAs under some parent zone with well-known naming, perhaps
under a "view" zone limiting access from prying eyes.

This doesn't particularly need to be standardized, but would make a nice
informational RFC if implemented by someone (Evan).

Hope this is useful.

Brian


_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
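
Added example, not part of the message above or of any DNS implementation: a sketch of the SOA breadcrumb encoding the message describes, packing a responsible host into mname, a contact mailbox into rname, a unix date-time into the serial field and an IPv4 address into the refresh field. The assignment of fields, the `notes` parallel-tree name and all sample values are assumptions made for illustration.

```python
import ipaddress
import re

# One LDH label: letters, digits, hyphen; 1-63 chars; no leading/trailing hyphen.
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def check_name(name):
    """Return name as an absolute LDH domain name, or raise ValueError."""
    name = name.rstrip(".")
    if len(name) > 253 or not all(LABEL.match(l) for l in name.split(".")):
        raise ValueError(f"not an LDH name that fits in 255 octets: {name!r}")
    return name + "."

def encode_note(owner, host, mailbox, ipv4, updated, ttl=3600):
    """Build one SOA line; which field carries what is this example's choice."""
    local, _, domain = mailbox.partition("@")
    # rname's first label is the mailbox local part, so a dot in it is rejected
    if not LABEL.match(local) or not domain:
        raise ValueError(f"mailbox needs a single-label local part: {mailbox!r}")
    serial = int(updated)                       # unix date-time
    refresh = int(ipaddress.IPv4Address(ipv4))  # IPv4 address as a 32-bit integer
    if not 0 <= serial <= 0xFFFFFFFF:
        raise ValueError("timestamp does not fit in 32 unsigned bits")
    return (f"{check_name(owner)} {ttl} IN SOA {check_name(host)} "
            f"{check_name(local + '.' + domain)} {serial} {refresh} 0 0 0")

def decode_note(line):
    """Recover the breadcrumbs from a line produced by encode_note."""
    owner, _ttl, _cls, _type, mname, rname, serial, refresh = line.split()[:8]
    local, domain = rname.rstrip(".").split(".", 1)
    return {"owner": owner, "host": mname, "mailbox": f"{local}@{domain}",
            "ipv4": str(ipaddress.IPv4Address(int(refresh))),
            "updated": int(serial)}

if __name__ == "__main__":
    # Constructed sample values; the "notes" parallel tree is hypothetical.
    line = encode_note("db1.notes.example.com", "db1.example.com",
                       "hostmaster@example.com", "192.0.2.10", 1401300000)
    print(line)
    print(decode_note(line))
```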
