Re: [mif] [dnsext] bare names (was: 2nd Last Call for MIF DNS server selection document)

Mark Andrews <marka@isc.org> Thu, 20 October 2011 00:06 UTC

To: Margaret Wasserman <mrw@lilacglade.org>
From: Mark Andrews <marka@isc.org>
Date: Thu, 20 Oct 2011 11:06:05 +1100
Cc: dhcwg@ietf.org, dnsop@ietf.org, mif@ietf.org, Keith Moore <moore@network-heretics.com>, dnsext@ietf.org

In message <70C7ABD5-DF78-4F35-89DE-152EB1D21954@lilacglade.org>, Margaret Wasserman writes:
> 
> Hi Keith,
> 
> On Oct 19, 2011, at 9:48 AM, Keith Moore wrote:
> > split-brain DNS is an abomination that should be eradicated from the planet.
> 
> Split DNS exists and is in wide-spread use, and that is just a fact.  We don't
> have the power to eradicate it, nor do we currently have a better solution
> for the types of things that people use split DNS for.
> 
> Margaret

That said there is little technical need for split brain with IPv6
only networks.  IPv4 networks and RFC 1918 addresses created a
technical problem (ambiguous address use) that split brain DNS
addresses.

Publishing ULA addresses on the public internet shouldn't cause
a problem.  One could even publish link local addresses on the public
internet if we added a globally unique differentiator for the link
to the records.

e.g.
	AAAA <domain> 

The domain would be announced in RAs so that nodes on the link could
correctly filter the responses.  It would also allow getaddrinfo
to fill in scope.

8 byte address records would have solved the RFC 1918 address issue.
First 4 bytes are the A records and the next 4 are the public address
of the NAT or 0.0.0.0.  Resolvers would just filter out anything
that wasn't to 0.0.0.0 or their public NAT address.  One could have
even used them to route through the NAT using LSR.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
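
The resolver-side filtering rule described in the message for the hypothetical 8-byte address records, as an added example that is not part of the original post and does not correspond to any deployed DNS record type. The function names, the sample record set and the addresses (documentation and RFC 1918 ranges) are constructed for illustration.

```python
import ipaddress

# Scope value meaning "usable from anywhere", per the message: 0.0.0.0
ANY_SCOPE = ipaddress.IPv4Address("0.0.0.0")


def pack_record(host, nat_public="0.0.0.0"):
    """Build the 8-byte RDATA: 4 bytes of A record, then 4 bytes of NAT public address."""
    return ipaddress.IPv4Address(host).packed + ipaddress.IPv4Address(nat_public).packed


def usable_addresses(rdatas, my_public_nat=None):
    """Return host addresses a resolver would keep.

    A record is kept when its scope is 0.0.0.0 or equals the public address
    of the NAT this resolver sits behind. my_public_nat=None models a client
    that is not behind any NAT. Records that are not exactly 8 bytes are dropped.
    """
    mine = ipaddress.IPv4Address(my_public_nat) if my_public_nat else None
    kept = []
    for rdata in rdatas:
        if len(rdata) != 8:
            continue  # malformed record, ignore rather than guess
        host = ipaddress.IPv4Address(rdata[:4])
        scope = ipaddress.IPv4Address(rdata[4:])
        if scope == ANY_SCOPE or (mine is not None and scope == mine):
            kept.append(str(host))
    return kept


# Constructed answer set for one name, published in a single (non-split) zone.
ANSWERS = [
    pack_record("192.0.2.10"),                  # public address, any scope
    pack_record("10.0.0.5", "198.51.100.7"),    # private, valid behind site A's NAT
    pack_record("10.1.2.3", "203.0.113.9"),     # private, valid behind site B's NAT
    b"\x0a\x00\x00\x05",                        # malformed: plain 4-byte A RDATA
]

if __name__ == "__main__":
    print("site A client:", usable_addresses(ANSWERS, "198.51.100.7"))
    print("site B client:", usable_addresses(ANSWERS, "203.0.113.9"))
    print("outside client:", usable_addresses(ANSWERS))
```
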