Re: [DNSOP] DNS names for local networks - not only home residential networks ...

Paul Vixie <> Sun, 03 September 2017 02:23 UTC

Date: Sat, 02 Sep 2017 19:23:30 -0700
From: Paul Vixie <>
To: Warren Kumari <>
CC: Paul Wouters <>, "" <>, "Walter H." <>

Warren Kumari wrote:
> On Fri, Sep 1, 2017 at 4:14 PM, Paul Wouters <> wrote:
>> Please see the last three years of dnsops and homenet working group list
>> archives.
> ... perhaps the other way of looking at the last thirty three years of
> DNS is that people *do* actually want something like this, and that
> perhaps it is time to actually create something specifically for it.

i think what people want is bigger than this, and that as a part, this 
part is small. one of the big differences between the internet and its 
early competitors such as appletalk or decnet or the rest is that the 
networks that died so that the internet could live did not scale -- they 
worked in a building or a network or a campus or a corporation, but not 
globally. whereas the internet works globally, but not locally.

we do not have well defined automation for making local names work when 
the internet connection is down. at a very modest level of necessary and 
inevitable complexity, one's own in-perimeter recursive servers can't 
find one's own in-perimeter authority servers. so if your internet 
connection goes down, then way more stuff becomes effectively 
unreachable than what's on the far side of the disconnection point.

mark andrews faced disconnections of this kind as a daily part of his 
work about 30 years ago when he developed the "stub zone" feature and 
contributed it to BIND4. but we have yet to automate it. and this rat 
hole is a deep one, because sometimes the disconnection is "all the 
links connecting my city / state / island / country to the rest of the 
global internet" and sometimes it's just your laptop, or one vm, or your 
LAN, or your house or office or campus.

in other words the necessary automation isn't going to benefit from 
static hints. it's a pity we can't rely on multicast for this kind of 
thing, although that often will work at the campus level.

in any case what "people *do* actually want" here is that naming always 
works for the devices and services one can reach and wishes to reach by 
name, for a network of arbitrary diameter, from a single container all 
the way up to interplanetary scope.

figuring out what names to reserve for which magnitude of diameter is a 
fool's errand, and so i've been ignoring homenet and all of its DNS 
related work.

we've been making people edit a "hosts" file for local naming and that's 
crazy. apple did something slightly more marketable by using multicast 
but that doesn't scale either. we've been making rfc1918 networks run a 
fake root zone that contains delegations to local servers. this is all 
wrongthink. it's not what the internet should be or how it should feel 
to use. we have PnP for devices now, but hardly for networks, unless all 
of the devices on the network come from apple, and none of them are 
outside the local (corporate? campus?) multicast domain.

DNS was a necessary first step and we took it. but we've known for at 
least the last 25 years that its architecture was too rigid when it 
comes to reachability by packet or of naming systems. if it's time to 
think about what people actually want to be doing, let's start there.

> Our smacking people on the nose with rolled up newspapers and saying
> "no, bad operator" ignores the fact that people still want this, and
> still do this, and there ain't nothing we can do to stop them...
> And so:

...not here.

P Vixie
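The "stub zone" mechanism the message refers to, shown as an added BIND 9 named.conf example that is not part of this message or of BIND's own documentation. The zone names (corp.example, 0.10.in-addr.arpa) and the 10.0.0.53 / 10.0.1.53 server addresses are assumptions; the point is that the in-perimeter recursive server learns where the in-perimeter authority servers are without walking from the root, so local names keep resolving while the upstream link is down.

```conf
// Added example, not from the message: an in-perimeter recursive resolver
// (BIND 9) that can still reach the local authority servers when the
// internet connection is down. Addresses and zone names are assumptions.
options {
    directory "/var/named";
    recursion yes;
    allow-recursion { localnets; };   // serve recursion only to the local nets
};

// "stub" zone: named fetches just the NS, SOA and glue records for
// corp.example from the listed servers and keeps them in "file". Queries
// under corp.example then go straight to those authority servers instead
// of starting at the root hints, which are unreachable during an outage.
zone "corp.example" {
    type stub;
    masters { 10.0.0.53; 10.0.1.53; };   // spelled "primaries" in BIND 9.16+
    file "stub/corp.example.db";         // cache of the NS set; dir must be writable
    forwarders { };                      // never hand these names to an upstream forwarder
};

// The matching reverse zone, so PTR lookups for the RFC 1918 space
// (10.0.0.0/16 in this example) also stay local.
zone "0.10.in-addr.arpa" {
    type stub;
    masters { 10.0.0.53; 10.0.1.53; };
    file "stub/0.10.in-addr.arpa.db";
    forwarders { };
};
```

The `forwarders { };` lines matter when the resolver otherwise forwards to an ISP or cloud resolver: without them the local names would be sent upstream and fail with the link. Verify with `named-checkconf` before reloading, and note that this still has to be configured by hand on every recursive server, which is the lack of automation the message is complaining about.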