Re: [mif] [dnsext] [DNSOP] 2nd Last Call for MIF DNS server selection document

Doug Barton <dougb@dougbarton.us> Sat, 22 October 2011 18:43 UTC

Return-Path: <dougb@dougbarton.us>
X-Original-To: mif@ietfa.amsl.com
Delivered-To: mif@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76E7021F88B6 for <mif@ietfa.amsl.com>; Sat, 22 Oct 2011 11:43:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.534
X-Spam-Level:
X-Spam-Status: No, score=-2.534 tagged_above=-999 required=5 tests=[AWL=-0.135, BAYES_00=-2.599, J_CHICKENPOX_33=0.6, J_CHICKENPOX_43=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BIKCDGebNhpE for <mif@ietfa.amsl.com>; Sat, 22 Oct 2011 11:43:03 -0700 (PDT)
Received: from mail2.fluidhosting.com (mx22.fluidhosting.com [204.14.89.5]) by ietfa.amsl.com (Postfix) with ESMTP id 9472E21F8801 for <mif@ietf.org>; Sat, 22 Oct 2011 11:43:03 -0700 (PDT)
Received: (qmail 10717 invoked by uid 399); 22 Oct 2011 18:43:01 -0000
Received: from unknown (HELO 172-17-198-245.globalsuite.net) (dougb@dougbarton.us@12.207.105.210) by mail2.fluidhosting.com with ESMTPAM; 22 Oct 2011 18:43:01 -0000
X-Originating-IP: 12.207.105.210
X-Sender: dougb@dougbarton.us
Message-ID: <4EA30EB0.6080605@dougbarton.us>
Date: Sat, 22 Oct 2011 11:42:56 -0700
From: Doug Barton <dougb@dougbarton.us>
Organization: http://SupersetSolutions.com/
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:7.0.1) Gecko/20111001 Thunderbird/7.0.1
MIME-Version: 1.0
To: Keith Moore <moore@network-heretics.com>
References: <COL118-W55403198A984BAAE44BA47B1F70@phx.gbl> <916CE6CF87173740BC8A2CE44309696203782D75@008-AM1MPN1-037.mgdnok.nokia.com> <121DABD1-65E8-4275-8471-9FA38D25C434@nominet.org.uk> <916CE6CF87173740BC8A2CE44309696203783EE0@008-AM1MPN1-037.mgdnok.nokia.com> <4EA09791.8010705@gmail.com> <C8398996-79B5-437E-82A5-6B869ECF8F4E@network-heretics.com> <94C2E518-F34F-49E4-B15C-2CCCFAA96667@virtualized.org> <12477381-9F74-4C50-B576-47EE4322F6BC@network-heretics.com> <CAH1iCiqsN-R87VK3vKityPsY+NXA=0DRASYf_vmBSy8gvYwHdQ@mail.gmail.com> <916CE6CF87173740BC8A2CE44309696203784B27@008-AM1MPN1-037.mgdnok.nokia.com> <708F3212-3C9C-4B61-AA77-EFA8F1CA5B04@nominum.com> <30B1AE01-0A35-48D2-91AF-46FC8B60466C@network-heretics.com>
In-Reply-To: <30B1AE01-0A35-48D2-91AF-46FC8B60466C@network-heretics.com>
X-Enigmail-Version: undefined
OpenPGP: id=1A1ABC84
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Sat, 22 Oct 2011 17:32:26 -0700
Cc: "<mif@ietf.org>" <mif@ietf.org>, "<dnsop@ietf.org>" <dnsop@ietf.org>, "<dnsext@ietf.org>" <dnsext@ietf.org>, "<pk@isoc.de>" <pk@isoc.de>, "<dhcwg@ietf.org>" <dhcwg@ietf.org>, "<denghui02@hotmail.com>" <denghui02@hotmail.com>
Subject: Re: [mif] [dnsext] [DNSOP] 2nd Last Call for MIF DNS server selection document
X-BeenThere: mif@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiple Interface Discussion List <mif.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif>, <mailto:mif-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif>
List-Post: <mailto:mif@ietf.org>
List-Help: <mailto:mif-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif>, <mailto:mif-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Oct 2011 18:43:04 -0000

On 10/21/2011 08:13, Keith Moore wrote:
> Names containing "." should not be subject to search lists.  Given a
> name like foo.bar, there's no reliable way to tell whether "bar" is a
> TLD or a subdomain of something in the search list. 

I've been following this discussion, mostly in the hopes that it would
go away. :)  However since the discussion keeps circling I thought I'd
throw in my 2 cents.

1. I think we're all in agreement that dot-terminated names (e.g.,
example.) should not be subject to search lists. I personally don't have
any problems with any document mentioning that this is the expected
behavior.

2. I think most of us agree that a bare label (no dots, e.g., example)
will almost certainly be subject to a search list. My suggestion would
be that the common behavior be described in a "here be dragons" format,
without attempting to be proscriptive.

3. For hostnames with a dot (although not necessarily ending in a TLD,
such as foo.example) I think it's reasonable to say that the desired
behavior is to first try to look them up "as is" without applying a
search list, and if that fails to then apply the search list; with the
same caveat as above, descriptive language for this document instead of
proscriptive.

In regards to 3, let's say I have a domain, example.org. In my network I
have various subdomains that represent various network segments, let's
say foo, bar, and baz. Personally, I find it convenient to put
'example.com' in the search list for all of my hosts, and then type 'ssh
host.bar' and go off on my merry way. Yes, I understand that in my
simple example I could theoretically put all 3 subdomains in the search
list. Now assume that my network isn't actually that simple ...


hth,

Doug

-- 

	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/