Some of these I'd thought of, others I hadn't.  I didn't realize until
afterwards that this would probably need to be run by the DNS groups to
make sure they're OK with it.

On Wed, 21 Feb 2001, Paul Francis wrote:

> 1.  Extra load on core DNS, mainly I suppose for just storing the
> things---presumably not too many of the actual queries would work their way
> to the core (though some necessarily would).

Essentially this boils down to the question, "Does registering an extra
domain for each site/organization cause extra load on the DNS system,
considering that these extra domains would receive very little core
traffic?"  Two points:

a) As it stands, most companies register not only their primary domain
name, but their domain name in multiple TLDs (com, net, org, plus CCs),
all possible misspellings of their name, their name with various suffixes
like "sucks", a domain or two for each of their products, maybe a name for
each of their regional offices, and so on.  Adding a single name to
correspond to their site's network number will probably be fairly
insignificant.

b) I don't think any registrar will tell you, "No, people should stop
registering domains because the DNS infrastructure won't handle it."  :-)

> 2.  Extra overhead and delay of the additional query.  For popular sites,
> which typically have a very short TTL, the extra query would happen often,
> leading to increased load on local DNS server blah blah blah

Like I said in the proposal, the authoritative server for the site-local
zone will likely be very close to all the clients doing lookups in that
zone.  We would expect that site-local queries never leave the site.

> 3.  Having to change the DNS client...buy-in from the DNS community might be
> tough.

Oh, yeah, and A6/DNAME don't require changing the DNS client at all.  If
we're tacking on features, we may as well do it all up front.  This can be
just another modification required for IPv6 support.

> 4.  The weirdness of requesting query x from DNS, and DNS going off and
> actually making query y.  Does this actually happen in any other context
> today?  Sounds like a major architectural change for DNS...(ah, but then
> again it wouldn't be the first time for IPv6....)

Kind of.  This is along the same lines as domain search paths.  If I type
"http://www" into my browser, the DNS resolver will return the address for
www.litech.org even though I clearly did not type "litech.org" in the
address.  It might even return the address for www.litech.internal, even
if what I expected was www.litech.org.

Note that domain search paths are configured via DHCP, and thus are set at
a site-level rather than individually for each host.  (Although each host
is able to modify this if desired.)

> 5.  Presumably sites that preferred two-faced over this would not want their
> hosts making this extra xxx-site-ipv6.net query.  So there would have to be
> some way of switching the behaviour on and off.

I'm a bit unclear on what you mean by "two-faced" DNS then.  I'm assuming
that you mean that queries for addresses inside the company.foo domain
would be answered differently depending on the IP address of the querier.

My proposal would achieve exactly this, by having all clients inside the
site obtain addresses from the company.foo.x0012345678-site-ipv6.net zone
instead of the real company.foo zone.  If two-faced DNS is desirable to
"hide" the addresses from hosts outside the site, then the DNS servers for
x0012345678-site-ipv6.net could easily be configured to only allow queries
from site-local addresses.

The other possible interpretation for two-faced DNS is that hosts inside
the site would use addresses in a separate domain, like company.internal
as described in the BIND documentation, and that company.internal would
only be available to hosts inside the site.  My proposal is analogous to
this, only the internal-only zone is registered globally, and clients
automatically look up addresses inside the zone without manual
configuration.

Hope this clears things up.  -Nathan

-- 
+-------------------+---------------------+------------------------+
| Nathan Lutchansky | [EMAIL PROTECTED] |  Lithium Technologies  |
+------------------------------------------------------------------+
|  I dread success.  To have succeeded is to have finished one's   |
|  business on earth...  I like a state of continual becoming,     |
|  with a goal in front and not behind. - George Bernard Shaw      |
+------------------------------------------------------------------+

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
