> Erik Nordmark wrote: > But the private interconnects seem to imply that there needs to > be more than two faces - one for each set of set of sites that > use GUPI/GUSL for private interconnects I think.
Yes. > Has anybody thought through how this would work? With recursive > resolvers? No. With an extra domain name. This problem already exists in v4: There is: - External DNS (very restricted) - Internal DNS (somehow unrestricted) - Business partners DNS. (somehow restricted) Business partners are connected with either a VPN or a physical PTP circuit. For a bundle of reasons, it is often necessary to have the same domain name for the inside and the outside. This is a mistake in many situations, as having mydomain.com for outside and mydomain.local for inside is typically more manageable. It is not always possible though. Anyway, this does not apply to external partners, which would be the case study for private inter-site GUPI communications. You could have a domain "sunbusinesspartners.com" for these purposes, populate that domain with only what business partners have to see, and make sure that queries/replies can go only over privileged links and not over the public Internet. There is no need for an EDI process with a supplier or a distributor to use sun.com, this is techie stuff and does not need to carry the company's flag. As of today, split or n-way DNS is a reality, both for small and large organizations (small organizations will typically have their external DNS hosted by their ISP). I don't think that the GUPI discussion changes anything to this, as the main reason it exists is the desire of network administrators to provide only restricted DNS visibility to people that have no business nosing in the inside of their networks. Michel. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
