[DNSOP] howto "internal"

"A. Schulze" <sca@andreasschulze.de> Tue, 24 July 2018 14:52 UTC

Return-Path: <sca@andreasschulze.de>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CBE013111F for <dnsop@ietfa.amsl.com>; Tue, 24 Jul 2018 07:52:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=andreasschulze.de header.b=bX/Sc/7e; dkim=pass (2048-bit key) header.d=andreasschulze.de header.b=F6KlDjlc
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j4IcTcBTcmat for <dnsop@ietfa.amsl.com>; Tue, 24 Jul 2018 07:52:30 -0700 (PDT)
Received: from mta.somaf.de (mta.somaf.de [IPv6:2001:470:77b3:103::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D4592131110 for <dnsop@ietf.org>; Tue, 24 Jul 2018 07:52:29 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=andreasschulze.de; i=@andreasschulze.de; q=dns/txt; s=ed25519; t=1532443939; h=to : from : subject : message-id : date : mime-version : content-type : content-transfer-encoding : from : subject : date; bh=Va/b4KuYb5jxSDf1OtgAKd+Dag5cXqZgyPqxFDdVD7k=; b=bX/Sc/7eCGAzGjXThvJwHzAkVdJvEqNFMyEy1T2pa7XA/UCIPUmMZE+L RKNQ2eYcwoW7eydVQw4b5uGZbPnKCw==
To: dnsop@ietf.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=andreasschulze.de; s=20180621-B6E0; t=1532443937; x=1537443937; bh=Va/b4KuYb5jxSDf1OtgAKd+Dag5cXqZgyPqxFDdVD7k=; h=To:From:Subject:Message-ID:Date:Content-Type:from:reply-to: subject:date:to:cc:content-type:message-id; b=F6KlDjlcVRgOcv/isNZ4f+kEtxnA2RlXP0JhtiigUt9rraOCwrosGXvf2xvV23AKr OXxnTPjnCQDcuLr53YGL88iE6hgskOQQ8GXcOD7l9ltIaVBNUkUmwEO0mRBCDxTZhn Ebr1NARzAd4h3wput6+XbyJTbimqDG+i56kMx2qz/vf0rgfE7E5GN2atA8SdrghsCk yG39ClXBaH/a8Qq8jbcSvShN2YIOmaorAmkK+mxo3EBaJKzNtowjVbZLNbxsO1pYrF afeL9ESxW1C7KsD9zbf7nZGtphz6S5jWz24fOSu9oS1QZlNNE6qd1ces41U5STJ+sA ujjZcxP4291XQ==
From: "A. Schulze" <sca@andreasschulze.de>
Message-ID: <1cb82914-0bc3-9ea7-7f69-9dc826d19e48@andreasschulze.de>
Date: Tue, 24 Jul 2018 16:52:05 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/bUGZygMgi0ZyIlEB_qpZQPtWpak>
Subject: [DNSOP] howto "internal"
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jul 2018 14:52:33 -0000

Hello,

some times ago there was an proposal (?) from Warren Kumari to define a zone "internal." for internal use.

We consider a major DNS redesign of a large enterprise network. Part of the network is private (RFC1918 address space in use)
some other parts are public. The whole network is currently organized as subdomains of example.com. 

One problem is the inability of users to distinguish the public/private state of different subdomains.
sub1.example.com is public, sub2.example.com isn't :-/

For that I like the proposal to use "internal." But that's far away from being a standard.
So I like to ask about alternatives...

Thanks for suggestions
Andreas