Re: [DNSOP] Terminology question: split DNS
Evan Hunt <each@isc.org> Tue, 20 March 2018 08:15 UTC
Return-Path: <each@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C18551200C5 for <dnsop@ietfa.amsl.com>; Tue, 20 Mar 2018 01:15:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.911
X-Spam-Level:
X-Spam-Status: No, score=-6.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ad4edivM0Xur for <dnsop@ietfa.amsl.com>; Tue, 20 Mar 2018 01:15:01 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A75BD126B6D for <dnsop@ietf.org>; Tue, 20 Mar 2018 01:15:01 -0700 (PDT)
Received: from bikeshed.isc.org (bikeshed.isc.org [149.20.48.19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id 6FFEB3AB001; Tue, 20 Mar 2018 08:15:01 +0000 (UTC)
Received: by bikeshed.isc.org (Postfix, from userid 10292) id 538F6216C1C; Tue, 20 Mar 2018 08:15:01 +0000 (UTC)
Date: Tue, 20 Mar 2018 08:15:01 +0000
From: Evan Hunt <each@isc.org>
To: Ted Lemon <mellon@fugue.com>
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, dnsop <dnsop@ietf.org>
Message-ID: <20180320081501.GA99022@isc.org>
References: <3D490CA8-0733-47AD-A088-113B1116B207@vpnc.org> <80F91E05-4A54-4EB2-9298-69C2CD4725CC@fugue.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <80F91E05-4A54-4EB2-9298-69C2CD4725CC@fugue.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/e8-SfXTqZkTT1mCcM_6g0WHsPUY>
Subject: Re: [DNSOP] Terminology question: split DNS
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Mar 2018 08:15:03 -0000
On Mon, Mar 19, 2018 at 05:58:08PM +0000, Ted Lemon wrote: > Yeah, that's a bit iffy. Homenet is another example of the same thing. > I would make it more generic, something like this: > > Where DNS servers that are authoritative for a particular set of domains > provide partly or completely different answers in those domains depending > on the source of the query. The effect of this is that a domain name that > is notionally globally unique nevertheless has different meanings for > different network users. This might be a little *too* generic: it appears to cover things like geographically tailored responses and EDNS Client-Subnet, as well as the internal and external views that are more typically what "split[-horizon] DNS" refers to. At a technical level there may not be much difference, but I've always thought of "split DNS" as being specific to the boundary point between an organizational intranet and the global internet. It's my impression that historically most people who've used the term meant it in that sense, and it might be confusing to broaden the definition retroactively. I do think the text above is useful, though. I would suggest that, as there are now several situations in which DNS responses may differ depending on the client, would could define a generic term for that ("multi-horizon DNS" or similar?), and then define "split DNS" as a specific case in which the answer depends on whether the originating client is inside or outside of a network controlled by the server's operator. -- Evan Hunt -- each@isc.org Internet Systems Consortium, Inc.
- [DNSOP] Terminology question: split DNS Paul Hoffman
- Re: [DNSOP] Terminology question: split DNS Paul Vixie
- Re: [DNSOP] Terminology question: split DNS Ted Lemon
- Re: [DNSOP] Terminology question: split DNS Jim Reid
- Re: [DNSOP] Terminology question: split DNS Artyom Gavrichenkov
- Re: [DNSOP] Terminology question: split DNS Bob Harold
- Re: [DNSOP] Terminology question: split DNS Artyom Gavrichenkov
- Re: [DNSOP] Terminology question: split DNS George Michaelson
- Re: [DNSOP] Terminology question: split DNS Artyom Gavrichenkov
- Re: [DNSOP] Terminology question: split DNS Paul Vixie
- Re: [DNSOP] Terminology question: split DNS Jim Reid
- Re: [DNSOP] Terminology question: split DNS Ted Lemon
- Re: [DNSOP] Terminology question: split DNS Robert Edmonds
- Re: [DNSOP] Terminology question: split DNS Paul Vixie
- Re: [DNSOP] Terminology question: split DNS George Michaelson
- Re: [DNSOP] Terminology question: split DNS Darcy Kevin (FCA)
- Re: [DNSOP] Terminology question: split DNS John Kristoff
- Re: [DNSOP] Terminology question: split DNS John Heidemann
- Re: [DNSOP] Terminology question: split DNS Paul Wouters
- Re: [DNSOP] Terminology question: split DNS Michael Sinatra
- Re: [DNSOP] Terminology question: split DNS Steve Crocker
- Re: [DNSOP] Terminology question: split DNS Paul Vixie
- Re: [DNSOP] Terminology question: split DNS Dick Franks
- Re: [DNSOP] Terminology question: split DNS Evan Hunt
- Re: [DNSOP] Terminology question: split DNS Ted Lemon
- Re: [DNSOP] Terminology question: split DNS Andrew Sullivan
- Re: [DNSOP] Terminology question: split DNS Ted Lemon
- Re: [DNSOP] Terminology question: split DNS Matt Larson
- Re: [DNSOP] Terminology question: split DNS Ted Lemon
- Re: [DNSOP] Terminology question: split DNS Darcy Kevin (FCA)
- Re: [DNSOP] Terminology question: split DNS Matthew Pounsett
- Re: [DNSOP] Terminology question: split DNS Matthew Pounsett
- Re: [DNSOP] Terminology question: split DNS Artyom Gavrichenkov