Re: [homenet] Look at ahcp: Was: Mixing DNS in with routing information

Fri, 26 Oct 2012 04:54:42 -0700 

On Oct 26, 2012, at 6:47 AM, Jim Gettys wrote:

> 
> 
> On Thu, Oct 25, 2012 at 12:08 PM, RJ Atkinson <[email protected]> wrote:
> 
> On Thu, 25 Oct 2012 09:11:18 +0900, Lorenzo Colitti wrote, in part:
> > ...from the border router which discovered the DNS entries
> > for tvservice.jp, inject those DNS servers into the mesh
> > with a tag that they only be used for tvservice.jp,
> > and pass that around in the routing protocol. No?
> 
> I'm not comfortable with overloading a routing
> protocol for use as a DNS transport mechanism.

Advertising the DNS servers and supporting DNS are two very different 
functions. The mechanisms to do the former are DHCPv6 and Neighbor Discovery RA 
(there may be others). It wouldn't be too much of a stretch to use a routing 
protocol to distribute this information amongst routers in the homenet routing 
domain so that it could be distributed to the hosts via ND or DHCPv6. 

Thanks,
Acee 


> 
> I'm also nervous about both DNS authorisation
> and DNS authentication.  Who is allowed to make
> which DNS advertisements and how do I authenticate
> the received DNS advertisement as both valid and
> authorised ?
> 
>   (NB: With ordinary DNS, the answer is DNSsec.
>    With mDNS, DNSsec also probably can work.)
> 
> Surely there is some alternative approach that
> doesn't require such overloading and complexity.
> 
> 
> 
> May I suggest the group look at using ahcp for this (and other) uses?
> 
> It is also suitable for prefix delegation distribution, ntp distribution as 
> well as DNS.  In short, it solves pretty cleanly a number of problems this 
> group has been struggling with.
> 
> http://www.pps.univ-paris-diderot.fr/~jch/software/ahcp/
> 
> Juliusz has recently added authentication to ahcp; probably not yet reflected 
> in the document, looking at the date on it.  It also avoids use of multicast, 
> which is problematic on some networks we'll be seeing in the home.
> 
> It's also running code (we use it in CeroWrt).
>                          Regards,
>                                  - Jim
> 
> 
> _______________________________________________
> homenet mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/homenet

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet

Reply via email to