To:
dnsop@cafax.se
From:
Alain Durand <Alain.Durand@Sun.COM>
Date:
Tue, 15 Jul 2003 00:40:06 -0700
Sender:
owner-dnsop@cafax.se
Subject:
Stepping back on the DNS discovery discussion
During yesterday's discussion on DNS discovery we somehow jumped the gun a bit quickly and moved to solution space without really understanding the requirements. Let me step back a little and try to reverse engineer those! A) Rob, in his introduction, pointed at a number a functions a node could do when we talk about DNS autoconfiguration. Basically those are: 1- finding a recursive name server 2- finding a search list 3- updating the forward DNS tree 4- updating the reverse DNS tree 5- finding a NTP source for DNSsec signature verification From this list, it seems to me that 1- is critical, 5- is important and we could leave without 2, 3, and 5, at least for now. Those are important (except maybe 2) but can be taken care of separately. However, it is not clear to me that 1- and 5- need to be addressed by the same mechanism. That is, if there is already a mechanism to broadcast NTP timestamp on the local network, this may be a good enough solution. B) The second major element to study is the desired/required mode of operation. This autoconfiguration is happening mostly at boot time. I'm a bit concerned about the effects of self synchronization in the network and what happen when a very large flat L2 network power cycle. In IPv6 neighbor discovery, there is provision for that, with unsolicited router advertisements that are multicast to all nodes on the link. If we think that DNS discovery (for lack of a better term) is a critical part of stateless autoconfiguration, it may makes sense for it to have the same properties as the rest of the story, e.g. prefix discovery. C) A third element in this discussion is the compatibility with the IPv4 model. I agree it is highly desirable to have the same conceptual _administration_ model in IPv6, that is the information is configured by the network manager in a centralized repository and it then gets propagated to the nodes. This can actually be achieved regardless of the format of the bit pattern on the wire. - Alain. #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.