[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNS and ULA

To: IETF V6OPS WG <v6ops@ops.ietf.org>
Subject: Re: DNS and ULA
From: james woodyatt <jhw@apple.com>
Date: Wed, 23 May 2007 12:48:47 -0700
In-reply-to: <23C44099-9B56-4C85-B522-E5D7D671D4B7@muada.com>
References: <20070521143828.GB17740@vacation.karoshi.com> <52F0686F-D9E0-423F-B90D-AEF4D51CC922@cisco.com> <20070521184048.GF31238@elvis.mu.org> <2094A476-F6B2-470E-9779-C52B481F0D09@cisco.com> <20070522003640.GI31238@elvis.mu.org> <A80093C8-5FCB-4563-A0B1-4E44C5E59775@cisco.com> <D4406F6D-1856-4D74-9964-31A066B8BB2F@muada.com> <CDE93B08-3199-438D-B59C-169D0D4230CF@apple.com> <4653F9F7.40309@gmail.com> <23C44099-9B56-4C85-B522-E5D7D671D4B7@muada.com>

On May 23, 2007, at 03:08, Iljitsch van Beijnum wrote:

On 23-mei-2007, at 10:23, Brian E Carpenter wrote:
Bingo. In the real world, most candidates for using ULAs have beenrunning split DNS for years,
Split DNS is a very dirty hack, we shouldn't promote that.

Strange. Section 4.4 of RFC 4193 seems expressly to prohibit-- witha normative "MUST NOT"-- the sending of reverse ULA-to-name queriesto name servers operating in the global DNS horizon. How are wesupposed to use them *without* splitting from the public DNS horizon?

While I'm on the subject... doesn't IETF already prohibit recursiveDNS resolvers operating in the global DNS horizon to follow nameserver delegations through names that have no AAAA records withglobally routable addresses in them? If not, then I'd call that anoversight.

Also, I think RFC 4193 could be a little stronger. It shouldprohibit DNS servers operating in the global DNS horizon from sendingrecursive responses containing AAAA records with ULA in them, and itshould require DNS resolvers operating recursively in the global DNShorizon to ignore all AAAA records containing ULA in them.



--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering

Follow-Ups:
- Re: DNS and ULA
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

References:
- Fwd: [info@arin.net: [arin-announce] ARIN Board Advises Internet Community on Migration to IPv6]
  - From: Fred Baker <fred@cisco.com>
- Re: Fwd: [info@arin.net: [arin-announce] ARIN Board Advises Internet Community on Migration to IPv6]
  - From: bill fumerola <billf@mu.org>
- Re: [info@arin.net: [arin-announce] ARIN Board Advises Internet Community on Migration to IPv6]
  - From: Fred Baker <fred@cisco.com>
- Re: [info@arin.net: [arin-announce] ARIN Board Advises Internet Community on Migration to IPv6]
  - From: bill fumerola <billf@mu.org>
- Re: [info@arin.net: [arin-announce] ARIN Board Advises Internet Community on Migration to IPv6]
  - From: Fred Baker <fred@cisco.com>
- Re: [info@arin.net: [arin-announce] ARIN Board Advises Internet Community on Migration to IPv6]
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- Re: ARIN Board Advises Internet Community on Migration to IPv6
  - From: james woodyatt <jhw@apple.com>
- Re: ARIN Board Advises Internet Community on Migration to IPv6
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- Re: ARIN Board Advises Internet Community on Migration to IPv6
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Re: BCP for multisite multihoming
Next by Date: Re: DNS and ULA
Previous by thread: Re: ARIN Board Advises Internet Community on Migration to IPv6
Next by thread: Re: DNS and ULA
Index(es):
- Date
- Thread