Re: [dnssd] [DNSOP] Solicit feedback for the DNS behavior for workloads hosted in Cloud DCs described in draft-ietf-rtgwg-net2cloud-problem-statement
Petr Špaček <pspacek@isc.org> Fri, 27 January 2023 13:09 UTC
Return-Path: <pspacek@isc.org>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C87E9C14F731; Fri, 27 Jan 2023 05:09:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isc.org header.b="kLK5kpDx"; dkim=pass (1024-bit key) header.d=isc.org header.b="Tc0U2ASo"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4xhj0Bm7ynbr; Fri, 27 Jan 2023 05:09:18 -0800 (PST)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.64.53]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A3F4C14F730; Fri, 27 Jan 2023 05:09:16 -0800 (PST)
Received: from zimbrang.isc.org (zimbrang.isc.org [149.20.1.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx.pao1.isc.org (Postfix) with ESMTPS id BF6DC3AB007; Fri, 27 Jan 2023 13:09:15 +0000 (UTC)
ARC-Filter: OpenARC Filter v1.0.0 mx.pao1.isc.org BF6DC3AB007
Authentication-Results: mx.pao1.isc.org; arc=none smtp.remote-ip=149.20.1.12
ARC-Seal: i=1; a=rsa-sha256; d=isc.org; s=ostpay; t=1674824955; cv=none; b=cwItHbsV26rkZtPhIEDmO17Jo0qcyNN8I/re1rdEgwF9nGdX64yMIbB8Wo6lgy3jGAlYVbH5Bk/MOMrhvModJyafuh3GuMuNhI2FN4U7PePaJo8hqJXh9utWIoQ8NgSAszV5wFR7vUE9w9grA1tBmOQuBQbHOuKvadQdi9Eamy8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=isc.org; s=ostpay; t=1674824955; c=relaxed/relaxed; bh=cM0fUsEUl/beWEzEsxZu67gYknEA34ACknvaBmoSI8g=; h=DKIM-Signature:DKIM-Signature:Message-ID:Date:MIME-Version: Subject:To:From; b=ULTR8jHw20G6U2JxasDQDSFHdP7xW6JsCL0w0QH29nNDgLGg7THxuH27WpJ1sjA6j/kKg06+X4k1SIHtVdREUygIJnHORD7PimxzH4a/8FdctA5VNi0pAjKtzsr0MHfgzBvihDxuK41IPSXxqiqVJ2gj/ogpJxb938kRNEQCkP0=
ARC-Authentication-Results: i=1; mx.pao1.isc.org
DKIM-Filter: OpenDKIM Filter v2.10.3 mx.pao1.isc.org BF6DC3AB007
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=isc.org; s=ostpay; t=1674824955; bh=cM0fUsEUl/beWEzEsxZu67gYknEA34ACknvaBmoSI8g=; h=Date:Subject:To:Cc:References:From:In-Reply-To; b=kLK5kpDxwL1bb2wJa57ritTWvX3aXyfeyf7yN2SQ2N1g0jJuv4KmWgGJ8MIu/sCvh rbxX6yfqhb1W49gdG0RvK0pXRW0VSViHh/S+CPA2nWawiNQGdESfX8RYMRbggbIyYL +wx1P2ni/eOsGu/C1/VxQlfxH7ieqJoqeIshnnPU=
Received: from zimbrang.isc.org (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTPS id A9B039E84BA; Fri, 27 Jan 2023 13:09:15 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTP id 76DC19E84C2; Fri, 27 Jan 2023 13:09:15 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.10.3 zimbrang.isc.org 76DC19E84C2
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=05DFB016-56A2-11EB-AEC0-15368D323330; t=1674824955; bh=cM0fUsEUl/beWEzEsxZu67gYknEA34ACknvaBmoSI8g=; h=Message-ID:Date:MIME-Version:To:From; b=Tc0U2ASo7Kf4dGTACUanSAEUPx0ESOGJlaq/LBZw4QHkRBBJ/+RrgEIAtOStPw5Ro sJSpcLbkcKyxF5H1exuNdSmTknxi7YoNgUeYFWP74EUF+ujktj596Oxnrj2n+Hpj3W 1bUXue70mBUEcDFV4Z9PGBgeF6CfSLzbMs2CYO6c=
Received: from zimbrang.isc.org ([127.0.0.1]) by localhost (zimbrang.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 4Y-lg-E63TSy; Fri, 27 Jan 2023 13:09:15 +0000 (UTC)
Received: from [192.168.0.158] (ip-86-49-254-111.bb.vodafone.cz [86.49.254.111]) by zimbrang.isc.org (Postfix) with ESMTPSA id 843709E84BA; Fri, 27 Jan 2023 13:09:14 +0000 (UTC)
Message-ID: <9f76dd89-f645-ccc4-8519-a159a946f158@isc.org>
Date: Fri, 27 Jan 2023 14:09:11 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.7.0
Content-Language: en-US
To: Linda Dunbar <linda.dunbar@futurewei.com>
Cc: "rtgwg@ietf.org" <rtgwg@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>, "dnssd@ietf.org" <dnssd@ietf.org>
References: <CO1PR13MB49205414F4D43B26111F3FAC85CE9@CO1PR13MB4920.namprd13.prod.outlook.com> <9047.1674674261@localhost>
From: Petr Špaček <pspacek@isc.org>
In-Reply-To: <9047.1674674261@localhost>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/MfmbIwVaWX6dmRulDCdY0xwsIFc>
Subject: Re: [dnssd] [DNSOP] Solicit feedback for the DNS behavior for workloads hosted in Cloud DCs described in draft-ietf-rtgwg-net2cloud-problem-statement
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Jan 2023 13:09:22 -0000
On 25. 01. 23 20:17, Michael Richardson wrote: > I strongly agree with you recommendation: > >> Globally unique names do not equate to globally resolvable names or even >> global names that resolve the same way from every perspective. Globally >> unique names can prevent any possibility of collisions at present or in the >> future, and they make DNSSEC trust manageable. Consider using a registered >> and fully qualified domain name (FQDN) from global DNS as the root for >> enterprise and other internal namespaces. Oh yes please. I 100% support this. FTR the DNS protocol folks, myself included, were saying this for a long time. Advice like this can also be seen in even in enterprise-oriented docs, e.g. https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/networking_guide/ch-configure_host_names#sec-Recommended_Naming_Practices (That's from ~ 2015, so also not brand new.) If you can make somehow amplify this advice I might end up owing you lots and lots of beverages :-) -- Petr Špaček Internet Systems Consortium
- [dnssd] Solicit feedback for the DNS behavior for… Linda Dunbar
- Re: [dnssd] Solicit feedback for the DNS behavior… Michael Richardson
- Re: [dnssd] [DNSOP] Solicit feedback for the DNS … Petr Špaček
- Re: [dnssd] Solicit feedback for the DNS behavior… Linda Dunbar