Re: New Version Notification for draft-mrw-6man-ulac-analysis-00

Tue, 20 Nov 2007 04:19:40 -0800

On 20 nov 2007, at 13:04, <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> wrote: 


Now the DNS must know about routing?



Why would the DNS need to know anything about routing?
ULA addressing is intended for local use.



Right, so the DNS needs to know what's local and what isn't. (Since my  
own server's IP addresses are the only ones I can remember without a  
working DNS, I always use that one when I'm somewhere where there is  
no working DNS. My server doesn't know what's local at the venue where  
I happen to be at any particular time.)



This gets more complex when you make backdoor connections to other  
users of ULA space.



If an organization
wants to enforce that policy by putting filters in their
routers which talk to the public Internet, they are free
to do so.



This is probably the best way to handle it if the routers return the  
right ICMP messages, because that way the hosts immediately know they  
have to retry using a different address. This worked quite well for  
me, I think in Montreal, when the www.ietf.org server had just gained  
IPv6 reachability but it was through a /48 prefix which was filtered  
out by the ISP serving the IETF meeting.



If they want to put filters in the DNS servers
which talk to the public Internet, they are free to do
so. The DNS filters are about policy, and have nothing to
do with routing.



People are going to do stupid things. It's our job at the IETF to give  
them a decent alternative.



You are the one who said that somebody might put ULA
addresses in AAAA records that are visible to the Internet
instead of running proper split-horizon for their internal
DNS.



There's nothing proper about two faced DNS. ULA addresses ARE going to  
show up in unexpected places, we need to be prepared to deal with that  
when it happens. I don't believe this is necessarily even a  
misconfiguration.


--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------






















					Reply via email to