Re: draft-ietf-dnsop-serverid-01.txt

[Brad Knowles <brad.knowles@skynet.be>]

At 11:33 PM -0700 2003/04/27, David Conrad wrote:

>  If the server at a particular IP address returns <bar> to query <baz>,
>  you issue a CH class ID.SERVER query to that IP address from the same
>  client that received the suspicious result (making the assumption that
>  the routing system has not changed the server that will receive that
>  query).

	Regretfully, in a load-balanced world this won't work.  An 
incoming query to a single IP address could be redirected to any of 
the back-end servers.

>  If you do not have access to the client or there is a potential for
>  the routing system to have changed which server will receive the CH
>  class ID.SERVER query, you can either ask the NOC for the non-anycast
>  IP addresses associated with the server and try each in turn or let
>  the folks at the NOC do their job and figure it out themselves.

	The server may not have a publicly accessible non-anycast or 
non-load-balanced address.

>  Does this address your concern or do I still not get it?

	I think we may have to just concede that there are going to be 
issues in an anycast or load-balanced environment, and maybe give 
some serious thought as to how we might work towards solving this 
problem in an EDNS environment.

-- 
Brad Knowles, <brad.knowles@skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.