>>>>> On Fri, 9 Apr 2004 14:55:38 +0300 (EEST),
>>>>> Pekka Savola <[EMAIL PROTECTED]> said:
>> Let's assume a site is delegated an IPv6 prefix P:x::/48. Also assume
>> the prefix delegator has the authority of the DNS reverse tree for
>> P::/32. Then,
>>
>> In the above case 1, the prefix delegator does not delegate P:x::/48
>> in terms of DNS reverse tree. Someone in the delegated site might
>> want to update RRs in the P:x::/48 part of the P::/32 zone at the
>> delegator.
>>
>> In the above case 2, the prefix delegator does delegate P:x::/48 to
>> the (prefix) delegated site in terms of DNS reverse tree, too.
>> Someone in the delegated site might want to update RRs in the P:x::/48
>> zone managed in the same site.
>>
>> In the above case 3, the prefix delegator does delegate P:x::/48 in
>> terms of DNS revers tree to some different organization which is not
>> the delegator or the delegated site. Someone in the delegated site
>> might want to update RRs in the P:x::/48 zone managed in the different
>> organization.
>>
>> Is my understanding correct?
> This is exactly the cases I've described. (The third case is IMHO
> relevant in the case where you don't wish to maintain your own DNS
> server in the site; this could be the case e.g., if you happened to
> have a personal co-location box acting as DNS server for your forward
> domains located somewhere else as well, and you'd like to put the
> reverses there.
Okay, thanks. Now the intended scenario is very clear to me. Then
going back to the draft text:
On one hand, securing the DDNS relationship for prefix delegation is
simpler if DNS server and the prefix delegator are in the same
administrative domain, and may be more difficult otherwise.
On the other hand, if the DNS server resides where the prefixes are
delegated to, it is easier to manage reverse DNS updates as they can
be done within a single administrative entity. Similarly, then
configuring the reverse DNS is typically simpler as well (e.g., if
one wanted to insert a wildcard record).
In these paragraphs, several cases are described:
A. the case where DNS server and the prefix delegator are in the same
administrative domain.
B. the case where DNS server and the prefix delegator are NOT in the
same administrative domain. (the "otherwise" case in the first
paragraph)
C. the DNS server resides where the prefixes are delegated to.
Apparently case A means case 1, and case C seems to specify case 2.
Are these correct? Whether the answer is yes or no, what about case
B? Does this mean cases 2 and 3? Does it also include other
scenarios? Or is it a completely different scenario which is neither
2 nor 3?
If case B is (or includes) cases 2 and 3, then the above paragraphs
seem to try to say: "in case 2, it may be more difficult to secure
DDNS, but it is easier to manage reverse DNS updates and it is simpler
to configure the reverse DNS." Is this (part of) what you wanted to
say?
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
[EMAIL PROTECTED]
.
dnsop resources:_____________________________________________________
web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html
mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
