I am afraid I am slow.. I still don't get the need to publicly advertise DNS for ULA(-x) .. if your neighbor cannot route to your ULA he doesn't need to know what it's names are.. if you do allow him to enter your network via VPN or whatever there is either a dhcp-like process by which he is granted an address which will also give him a name server to use, or when he says "Hey, Can I have access to your network" you can say "Sure, here are your credentials and my DNS server is..."
Then of course because you can populate your DNS server with whatever zones you want when your neighbor queries your name server it will tell him what he wants to know. Aren't your DNS servers going to provide different views for clients coming from PI or PA than they do for clients coming from ULAx anyway? or is your network going to be a completely glass house? Typically "local" clients get more access and information than non-local clients. > -----Original Message----- > From: james woodyatt [mailto:[EMAIL PROTECTED] > Sent: Thursday, June 28, 2007 12:35 PM > To: IETF IPv6 Mailing List > Subject: Re: I-D ACTION:draft-ietf-ipv6-ula-central-02.txt > > On Jun 28, 2007, at 03:24, Jeroen Massar wrote: > > > > If one *really* requires that there will be reverse that is > > 'automatically setup' (ignoring that you still have to do > it for the > > forward) then define in the draft the method that James Woodyatt > > proposed of using synthesized reverse records for > 0.0.c.f.ip6.arpa. > > And then simply declaring that the highest subnet (::ffff:<64bits>) > > contains at ::53 a DNS server serving reverse ip6.arpa for > that zone. > > I don't think I can claim full credit for this idea. I think > Christian Huitema posted first. The proposal is just for > automatically delegating the authoritative name service for > reverse DNS to ULA-C address space. > > (p.s. I also like the idea of defining an anycast identifier > for DNS resolving proxy servers in the locally preferred > horizon. I understand, however, that *that* idea is more > controversial-- though I don't understand why it should be. > At the risk of derailing the topic, I'd like to mention that > I know of at least one consumer Internet gateway product that > advertises its DNS proxy service with > IPv6 multicast DNS with a SRV records for _domain._udp.local and > _domain._tcp.local pointing to the AAAA records for the gateway. > This was done because there was no anycast identifier for > nodes on unmanaged networks to find their preferred DNS proxy.) > > > -- > james woodyatt <[EMAIL PROTECTED]> > member of technical staff, communications engineering > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > [email protected] > Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
