Margaret,

> Margaret Wasserman wrote:
> (2) Institutionalizing the need for split DNS. I understand
> that some network administrators choose to use split DNS
> today, but that doesn't mean that we want to build a
> requirement for split DNS into the IPv6 architecture.

I don't think "Institutionalizing" is a good choice of words here. Split DNS is not unique to site-local addresses, it's not even unique to private addresses. I have seen several sites that have split DNS even though they use public addresses only. Out of the 50 something distinct sites that I administer, I think only one or two do not have split DNS.

> IMO, requiring the DNS infrastructure to be aware of and
> enforce topology boundaries is a poor architectural choice.

In theory, I agree but the fact of the matter is that it already is aware of the topology and I don't see this changing any time soon. Don't get me wrong: I do not like split DNS, but I have seen it on sites that have a single public address per host. There also are multitudes of perl scripts that parse custom zone files to make multiple different ones, such as the very typical example below that will produce 2 sets of zone files (yes I know it does include NAT but keep in mind this is today's reality too):

    name    inside_addr    outside_addr
    www     192.168.1.2    209.233.126.65    # web server
    ftp     192.168.1.3    209.233.126.65    # ftp server
    sql     192.168.1.4    0.0.0.0
    pop3    0.0.0.0        209.233.126.65

    [parse with homebrew perl script]

    zone file for inside DNS servers:
    www     192.168.1.2    # web server
    ftp     192.168.1.3    # ftp server
    sql     192.168.1.4

    zone file for outside DNS servers:
    www     209.233.126.65    # web server
    ftp     209.233.126.65    # ftp server
    pop3    209.233.126.65

Again I'm not saying this is good but don't think it will be introduced or institutionalized with site-local addresses; it's been around for a long time.

Michel.
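The split described in the message above, as an added example that is not part of the original message and is not the homebrew perl script it mentions: a Python version that builds the inside and outside views from the same master table and refuses to publish an outside view containing private addresses. The function names and the treatment of 0.0.0.0 as "not published in this view" are assumptions read off the sample table.

```python
import ipaddress

# Master table as given in the message; 0.0.0.0 is read as "not published in this view".
MASTER = """\
name  inside_addr  outside_addr
www   192.168.1.2  209.233.126.65  # web server
ftp   192.168.1.3  209.233.126.65  # ftp server
sql   192.168.1.4  0.0.0.0
pop3  0.0.0.0      209.233.126.65
"""
UNPUBLISHED = ipaddress.IPv4Address("0.0.0.0")


def build_views(text):
    """Split the master table into (inside, outside) lists of (name, addr, comment)."""
    inside, outside = [], []
    for line in text.splitlines()[1:]:            # skip the header row
        body, _, comment = line.partition("#")
        fields = body.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed row: {line!r}")
        name = fields[0]
        # Parsing the addresses rejects typos before they reach a zone file.
        in_addr, out_addr = map(ipaddress.IPv4Address, fields[1:])
        if in_addr != UNPUBLISHED:
            inside.append((name, in_addr, comment.strip()))
        if out_addr != UNPUBLISHED:
            outside.append((name, out_addr, comment.strip()))
    return inside, outside


def leaked_private(zone):
    """Names whose address is private (e.g. RFC 1918); must be empty for the outside view."""
    return [name for name, addr, _ in zone if addr.is_private]


def render(zone):
    return "\n".join(
        f"{n} {a} # {c}" if c else f"{n} {a}" for n, a, c in zone)


if __name__ == "__main__":
    inside, outside = build_views(MASTER)
    if leaked_private(outside):
        raise SystemExit("outside view would publish private addresses")
    print("zone file for inside DNS servers:\n" + render(inside))
    print("zone file for outside DNS servers:\n" + render(outside))
```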
