

To: George Michaelson <ggm@apnic.net>
Cc: Paul Vixie <vixie@vix.com>, dnsop@cafax.se
From: Brad Knowles <brad.knowles@skynet.be>
Date: Thu, 20 Mar 2003 03:28:01 +0100
In-Reply-To: <20030320014335.4ba56e9d.ggm@apnic.net>
Sender: owner-dnsop@cafax.se
Subject: [RETRANSMIT] Re: Radical Surgery proposal: stop doing reverse for IPv6.

[RETRANSMIT -- At least one mail server didn't like my outbound mail 
relay (gotta get my co-lo set up ;-( ), and I'm not sure who may or 
may not have received this message.  Sorry! -- Brad]


At 1:43 AM +1000 2003/03/20, George Michaelson wrote:

>  12pm midnight local time, every machine combines to do a DDOS on the DNS,
>  walking their logfiles. doesn't sound good to me.

	That's what is already happening today.  I don't see any difference here.

>  also sounds the kind of thing which could work better from some other process.
>  when I ran a large FTP mirrors logfile processing, I used router BGP dumps and
>  pre-compiled prefix/len maps to do this activity. It was 3 orders of magnitude
>  faster than DNS lookups and more reliable.

	Granted, I didn't run the largest ftp server in the country, but 
I do know that it was one of the largest (probably still is) and that 
the President & CEO of TUCOWS asked me if he could have my machine 
that I was using to mirror his site, once I was done with it.  I 
never had any problem of the sort you mention.

>  but if its optional, and untrustworthy, and currently incomplete and broken,
>  and breaking other services, its worth questioning its value.

	DNS as a whole is optional.  Why do we need to use names at all? 
Why don't we all just memorize numbers and be done with it?

	Sorry, I don't buy this "if it's optional then we shouldn't do 
it" argument.

>  synthesis is interesting. if we're synthesizing, does that mean we're not
>  doing a top-down delegation model any more? or is this synthesis into
>  delegated spaces?

	You would be synthesizing only in the local part of the network 
you own.  Moreover, you would only be synthesizing things that need 
to be synthesized, since many servers would likely be assigned static 
addresses and would not be changing them frequently.

>                     given how reverse works, it means a cable operator
>  has to either manage n * 255  spaces per 16 or one 65,000 host space to scale
>  this to their net. That might be ok, I don't know. But it doesn't look like it
>  would be completely straightforward to do for CiDR spaces.

	It probably doesn't scale too well into pure CIDR spaces, just 
like reverse DNS today doesn't scale well into pure CIDR spaces.  The 
difference is that you can delegate on the nibble with IPv6, whereas 
with IPv4 you're forced to delegate on the byte.

-- 
Brad Knowles, <brad.knowles@skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
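The two technical points in the message above, that ip6.arpa delegates per nibble while in-addr.arpa delegates per octet, and that an operator would only synthesize PTR data inside address space it owns, are easy to see in code. The following is an added example written for this archive page; it is not code from the message, the list, or any DNS implementation. It uses only Python's standard ipaddress module. The prefixes and addresses are documentation ranges chosen for illustration, and the naming scheme used for synthesized PTR targets (hex nibbles under an assumed dyn.example.net domain) is an assumption of the example, not a convention the thread describes.

```python
import ipaddress

# Delegation granularity of the two reverse trees: ip6.arpa uses one label
# per nibble (4 bits), in-addr.arpa one label per octet (8 bits).
LABEL_BITS = {6: 4, 4: 8}


def zone_name(net):
    """Reverse-zone apex for a prefix whose length sits on a label boundary."""
    bits = LABEL_BITS[net.version]
    if net.prefixlen % bits:
        raise ValueError("%s is not on a %d-bit label boundary" % (net, bits))
    if net.version == 6:
        # The exploded form is 32 hex digits; each digit becomes one label.
        digits = net.network_address.exploded.replace(":", "")
        labels = list(digits[: net.prefixlen // 4])
        suffix = "ip6.arpa."
    else:
        labels = str(net.network_address).split(".")[: net.prefixlen // 8]
        suffix = "in-addr.arpa."
    if not labels:
        return suffix
    return ".".join(reversed(labels)) + "." + suffix


def reverse_zones(prefix):
    """All reverse zones needed to cover `prefix` exactly.

    The prefix length is rounded up to the next label boundary and the prefix
    is split into sub-prefixes of that length, one zone each.  So a /50 in
    ip6.arpa needs four /52 zones, a /22 in in-addr.arpa needs four /24 zones,
    and a /26 degenerates into 64 single-address zones, which is exactly the
    gap that RFC 2317 classless delegation papers over (not modelled here).
    """
    net = ipaddress.ip_network(prefix, strict=True)
    bits = LABEL_BITS[net.version]
    aligned = ((net.prefixlen + bits - 1) // bits) * bits
    if aligned == net.prefixlen:
        return [zone_name(net)]
    return [zone_name(sub) for sub in net.subnets(new_prefix=aligned)]


def synthesize_ptr(address, prefix, domain):
    """Return (owner, target) for a PTR record synthesized from the address.

    Only addresses inside `prefix` are accepted: synthesis is meant for the
    local part of the network the operator owns, so anything else is refused
    rather than silently answered.  The target naming scheme (32 hex digits
    for IPv6, dashed octets for IPv4, under `domain`) is an assumption of this
    example, not a standard.
    """
    net = ipaddress.ip_network(prefix, strict=True)
    addr = ipaddress.ip_address(address)
    if addr.version != net.version or addr not in net:
        raise ValueError("%s is outside %s; not our space to synthesize" % (address, prefix))
    if addr.version == 6:
        host = addr.exploded.replace(":", "")
    else:
        host = str(addr).replace(".", "-")
    owner = addr.reverse_pointer + "."
    target = "%s.%s." % (host, domain.rstrip("."))
    return owner, target


if __name__ == "__main__":
    for p in ("2001:db8::/32", "2001:db8::/50", "192.0.0.0/22", "192.0.2.0/26"):
        zones = reverse_zones(p)
        print("%-16s -> %d zone(s), first: %s" % (p, len(zones), zones[0]))
    print(synthesize_ptr("2001:db8::1", "2001:db8::/32", "dyn.example.net"))
    print(synthesize_ptr("192.0.2.7", "192.0.2.0/24", "dyn.example.net"))
```

Running it shows the asymmetry directly: a /32 or /52 in ip6.arpa is a single delegation, a /50 costs four, while in IPv4 anything longer than a /24 has no zone of its own at all.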