To:
Simon Coffey <sicoffey@yahoo.com>
CC:
dnsop@cafax.se, sandy.strain@integralis.com
From:
"Eric A. Hall" <ehall@ehsco.com>
Date:
Wed, 14 Jun 2000 08:46:47 -0700
Sender:
owner-dnsop@cafax.se
Subject:
Re: ID on DNS TLD for private networks
> I'm co-author of an I-D proposing a new TLD for > private networks. > I'd be interested in comments on and suggestions > regarding the draft The BEST practice is to register domain names to ensure that collisions do not occur. For example, Acme Corp may choose "acme.pri" for their private domain name. They configure their DNS server to be authority for ".pri" and "acme.pri", whilst all domains outside of the ".pri" domain will be resolved via public DNS servers. Should Acme Corp wish to make its private domain names accessible to Cowboy Corp, who use the private domain "cowboy.pri", then the two organisations simply merge and synchronize their ".pri" zones. The problems start to occur when Cowboy Boots merges with Cowboy Hats, and they have to merge their private copies of cowboy.pri to avoid name collision while still managing independent delegation of the shared namespace. Good luck on that! The BEST way to avoid these kinds of problems is to encourage people to register domains when they need them, thereby ensuring that collisions do not occur. If they won't do that, encourage them to at least use sub-domains under an existing domain registration. This is the same kind of problems that crop up with private addressing. One of the goals behind that was to stop people from assigned IP addresses so that collision between internal and external network numbers was reduced. However, everybody used the same numbers so collision still occurs whenever mergers or VPNs are established. For example, Cowboy Boots and Cowboy Hats both use 10.0.0.xxx, and after they hook up they are still faced with collision problems until one of them renumbers. If they had gotten official addresses through legitimate channels, there wouldn't be any collision with ANY addresses. [granted there are lots of other issues here like the difficulties in actually obtaining a private block of addresses from ARIN, but the central point is still valid: collisions still happen] The same is going to be true with .pri domain names. We should be encouraging people to ensure uniqueness through registration, rather than promoting duplicate allocations through non-registration. This should also be a matter of policy. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/