Re: transparent addrsel policy adjustment for outbound TE

[Pekka Savola <pekkas@netcore.fi>]

Hi,

I think the summary is:

This mechanism could be useful in moving SRV lookup implementation 
from the applications to the stub resolver.

In addition even without SRV lookups, it could be used for outbound TE 
policy distribution mechanism, though the benefits compared to (for 
example) DHCPv6-based policy distribution are questionable as you'd 
need to distribute the stub resolver policies using some other 
mechanism (e.g., DHCPv6 ;-).

On Wed, 5 Apr 2006, marcelo bagnulo braun wrote:
> > > i agree that the expressed policy has to be quite stable, i mean, the 
> > > cache will introduce certain inertia, and changing the preferences may 
> > > take some time, but at least you can express some preferences about which 
> > > addresses the site preffers for incoming communications...
> >
> > The problem is that DNS caches in the middle will cache both IP_1 and IP_2, 
> > but lose the "preference" which is conveyed by the weighted address 
> > ordering, because from the DNS cache perspective IP_1 and IP_2 are 
> > equivalent.
>
> but my assumption is that the remote resolver will also query for the SRV 
> record as local hosts do, so the SRV information will be retrieved also 
> (perhaps from the caches, but this is no problem if it is not very dynamic)
>
> wouldn't this work?

Indeed, it would work fine if SRV lookups would be done by remote 
resolvers.

I was thinking one step ahead, the scenarios where the remote 
resolvers don't have SRV lookup support.  Authoritative DNS servers at 
a local site could do the policy adjustment by weighing the responses, 
but it wouldn't really work due to caching (and to smaller degree, 
resolver's reordering of addresses).

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings