Re: [DNSOP] Terminology question: split DNS

Steve Crocker <steve@shinkuro.com> Mon, 19 March 2018 21:31 UTC

In-Reply-To: <alpine.LRH.2.21.1803191711420.12290@bofh.nohats.ca>
References: <3D490CA8-0733-47AD-A088-113B1116B207@vpnc.org> <CAKr6gn0RrJEzLCg-nzmwpY7R4XUtRXudQZWdgpz2Vt3X1+BL4Q@mail.gmail.com> <D2E84EBB-9AE5-469B-B8A5-37DBD9CD8D44@fugue.com> <5AB00268.4040902@redbarn.org> <9098.1521492996@dash.isi.edu> <alpine.LRH.2.21.1803191711420.12290@bofh.nohats.ca>
From: Steve Crocker <steve@shinkuro.com>
Date: Mon, 19 Mar 2018 17:30:55 -0400
Message-ID: <CABf5zvLW_p9emh9woaHok3seR+EX8A6gBmk8GYcjeG7JYHiq=w@mail.gmail.com>
To: dnsop <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/gu4Ny8vyA-xK0ZlrVZzikOfFw_g>
Subject: Re: [DNSOP] Terminology question: split DNS
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

I haven't been following the current thread but I have encountered this
topic before and I have thought about the implications for DNSSEC.

The terminology of "split DNS" -- and equivalently "split horizon DNS" --
is, in my opinion, a bit limited.  It's not too hard to imagine further
carve-outs.  For me, the general case is that at every point in the network,
there is an external world and an internal world.  Let's say I am in charge
of the systems that support a department within a division of a very large
company.  I could imagine a department DNS that resolves names within the
department but forwards other queries to the division DNS resolvers.  They
resolve names within the division and forward other queries to the
company's resolvers.  The company's resolvers handle queries for names
defined by the company and forward other queries to the outside.

If we're going to tackle this problem, let's do it cleanly and completely.

Steve


On Mon, Mar 19, 2018 at 5:14 PM, Paul Wouters <paul@nohats.ca> wrote:

> On Mon, 19 Mar 2018, John Heidemann wrote:
>
>> +1 on "split-horizon dns" as the term, over "split dns" and some other
>> neologism, on the basis of running code and existing documentation and
>> existing wide use.
>>
>
> I and google disagree:
>
> "split dns":  72900 hits
> "split horizon dns": 5640 hits
>
>
> If the document is about explaining terminology, it must explain "split
> dns" and can say another term for it is "split horizon dns", but not the
> other way around.
>
> I personally don't hear (or use) "split horizon dns"
>
> Paul
>
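
Added example, not part of the original message or thread: a small Python model of the department, division, company and outside forwarding chain described in Steve Crocker's message above, showing that the same name can have more than two views and which resolvers see each query. The `Resolver` class, zone names and addresses are all constructed for illustration; "outside" stands in for the public DNS.

```python
# Added illustration: every zone name and address here is constructed.
from dataclasses import dataclass
from typing import Optional


@dataclass
class Resolver:
    """One level of the chain: answers names it defines, forwards the rest."""
    name: str
    zones: dict                      # zone suffix -> {fqdn: address}
    upstream: Optional["Resolver"] = None

    def _zone_for(self, qname):
        # Longest-suffix match, so a more specific local zone wins.
        hits = [z for z in self.zones if qname == z or qname.endswith("." + z)]
        return max(hits, key=len) if hits else None

    def resolve(self, qname, path=None):
        """Return (answer, path); path lists every resolver that saw the query."""
        path = (path or []) + [self.name]
        qname = qname.lower().rstrip(".")
        zone = self._zone_for(qname)
        if zone is not None:
            # Locally defined zone: answer here (None models NXDOMAIN), never forward.
            return self.zones[zone].get(qname), path
        if self.upstream is None:
            return None, path
        return self.upstream.resolve(qname, path)


outside = Resolver("outside", {
    "corp.example": {"www.corp.example": "203.0.113.10"},
    "ietf.org": {"www.ietf.org": "192.0.2.44"},
})
company = Resolver("company", {
    "corp.example": {"www.corp.example": "10.0.0.10"},
}, outside)
division = Resolver("division", {
    "div.corp.example": {"wiki.div.corp.example": "10.1.0.5"},
}, company)
department = Resolver("department", {
    "dept.div.corp.example": {"build.dept.div.corp.example": "10.1.2.7"},
}, division)


def views(qname):
    """Answer for qname from each vantage point, innermost first."""
    chain = (department, division, company, outside)
    return {r.name: r.resolve(qname)[0] for r in chain}
```

Calling `views()` on a department-only name returns an address at the department level and `None` everywhere further out, while `resolve()` on an unrelated name returns the full list of resolvers the query passed through on its way outside.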