
Re: DNS and ULA



On May 23, 2007, at 03:08, Iljitsch van Beijnum wrote:
> On 23-mei-2007, at 10:23, Brian E Carpenter wrote:
>
>> Bingo. In the real world, most candidates for using ULAs have been running split DNS for years,
>
> Split DNS is a very dirty hack, we shouldn't promote that.

Strange. Section 4.4 of RFC 4193 seems expressly to prohibit-- with a normative "MUST NOT"-- the sending of reverse ULA-to-name queries to name servers operating in the global DNS horizon. How are we supposed to use them *without* splitting from the public DNS horizon?

While I'm on the subject... doesn't IETF already prohibit recursive DNS resolvers operating in the global DNS horizon from following name server delegations through names that have no AAAA records with globally routable addresses in them? If not, then I'd call that an oversight.

Also, I think RFC 4193 could be a little stronger. It should prohibit DNS servers operating in the global DNS horizon from sending recursive responses containing AAAA records with ULA in them, and it should require DNS resolvers operating recursively in the global DNS horizon to ignore all AAAA records containing ULA in them.


--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering
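
The two resolver-side checks discussed in the message above, written out as an added example that is not part of the original post: recognising reverse queries that fall under the ULA prefix fc00::/7 (which RFC 4193 section 4.4 says must not go to global name servers) and dropping AAAA records that carry ULA addresses. The function names and the sample records are hypothetical and constructed for illustration.

```python
import ipaddress

# RFC 4193 Unique Local IPv6 Unicast Addresses
ULA = ipaddress.IPv6Network("fc00::/7")
HEX = set("0123456789abcdef")


def reverse_name_to_prefix(qname):
    """Map an ip6.arpa name (full or partial) to the IPv6 prefix it covers.

    Returns None when the name is not a well-formed ip6.arpa name.
    """
    labels = qname.lower().rstrip(".").split(".")
    if labels[-2:] != ["ip6", "arpa"]:
        return None
    nibbles = labels[:-2][::-1]  # labels are least-significant nibble first
    if len(nibbles) > 32 or any(len(n) != 1 or n not in HEX for n in nibbles):
        return None
    value = int("".join(nibbles).ljust(32, "0"), 16)
    return ipaddress.IPv6Network((value, 4 * len(nibbles)))


def must_stay_local(qname):
    """True if a reverse query lies inside fc00::/7 and so must not be
    forwarded to name servers in the global DNS horizon."""
    prefix = reverse_name_to_prefix(qname)
    return prefix is not None and prefix.subnet_of(ULA)


def drop_ula_aaaa(records):
    """Remove AAAA records whose address is a ULA; keep everything else.

    records: iterable of (owner_name, rtype, rdata) tuples (assumed shape).
    """
    kept = []
    for name, rtype, rdata in records:
        if rtype == "AAAA" and ipaddress.IPv6Address(rdata) in ULA:
            continue
        kept.append((name, rtype, rdata))
    return kept


if __name__ == "__main__":
    # Constructed sample answer section
    answer = [
        ("host.example.", "AAAA", "fd12:3456:789a::1"),
        ("host.example.", "AAAA", "2001:db8::1"),
        ("host.example.", "A", "192.0.2.1"),
    ]
    print(drop_ula_aaaa(answer))
    print(must_stay_local(ipaddress.ip_address("fd12:3456:789a::1").reverse_pointer))
```
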