DNSOP mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: BELOEIL Luc FTRD/DMI/CAE <luc.beloeil@francetelecom.com>
cc: Bill Manning <bmanning@ISI.EDU>, <matthew.ford@bt.com>, <dnsop@cafax.se>
From: Pekka Savola <pekkas@netcore.fi>
Date: Tue, 15 Jul 2003 11:08:36 +0300 (EEST)
In-Reply-To: <C331E5A29B51A84E9755E834A3E619D1211E98@ftrdmel1.rd.francetelecom.fr>
Sender: owner-dnsop@cafax.se
Subject: Re: RE : IPv6 DNS Autoconfiguration

On Tue, 15 Jul 2003, BELOEIL Luc FTRD/DMI/CAE wrote:
> I do not catch your point. "DNS resolver IPv6 addresses" must be,
> whatever the way, "configured" in the DHCP-lite server (if DHCP is used)
> or on the router (if RA-based solution is used).
> 
> This "configuration" shall take care of the "local DNS policy". IMHO,
> that is the matter of the DHCP-lite server or the router to advertise no
> garbage information.
> 
> Did I missed anything ?

Nothing; we're in full agreement here.

(compare: routers can use RA's to advertise prefixes they aren't 
configured to route, but that's no problem IMHO.)

> > De : Pekka Savola [mailto:pekkas@netcore.fi] 
> > Envoyé : mardi 15 juillet 2003 08:53> 
> > 
> > On Mon, 14 Jul 2003, Bill Manning wrote:
> > >  yes, yes... thats not the question.  the question is, how do the  
> > > good folks who propose this method fo DNS discovery expect to  
> > > find/extract the local DNS policy information to try and ensure  
> > > garbage is not handed out?
> > 
> > Someone is configuring the routers to advertise this information.
> > 
> > If it's configured manually, it becomes the responsibility of the 
> > configurer to ensure this.
> > 
> > If it's configured automatically, it becomes the 
> > responsibility if the 
> > party who's configuring the source where the router 
> > automatically finds 
> > this information (e.g. DHCPv6 lite) to see that it's OK.
> > 
> > The issue is recursive.
> > 
> > > % On Mon, 14 Jul 2003 matthew.ford@bt.com wrote:
> > > % > we are all free to fill our /etc/resolv.conf with garbage if we 
> > > want. % % Moreover, we are all free to (try to) feed our 
> > > clients/customers garbage % if we want.
> > > % 
> > > % I'm not guaranteeing you'd get popular by doing so, but 
> > that's another 
> > > % issue.
> > > % 
> > > % > > -----Original Message-----
> > > % > > From: Bill Manning [mailto:bmanning@ISI.EDU]
> > > % > > Sent: 14 July 2003 21:09
> > > % > > To: Pekka Savola
> > > % > > Cc: dnsop@cafax.se
> > > % > > Subject: Re: IPv6 DNS Autoconfiguration
> > > % > > 
> > > % > > 
> > > % > >  mind, I am very concerned w/ the goofy IPR/Note Well 
> > restrictions,
> > > % > >  so posting/participating is -very- infrequent.  but 
> > to pose a query
> > > % > >  to the assembled multitude:
> > > % > > 
> > > % > >  BIND, a common DNS implementation has the ability to 
> > apply access
> > > % > >  controls as a local policy matter as to who can and 
> > can not use
> > > % > >  a "recursive resolving nameserver" or what ever it 
> > was that Rob said 
> > > % > >  it was.  If one uses the RA/ND techniques, how does 
> > one expect to
> > > % > >  extract the local DNS policy information before 
> > handing out server
> > > % > >  info via the RA/ND method?
> > > % > > 
> > > % > >  this weakness was not touched on during Bob Hindons 
> > presentation
> > > % > >  and I did not stay for the rest of the sessions festivities
> > > % > > 
> > > % > > 
> > > % > > 
> > > % > > 
> > > % > > % On Mon, 14 Jul 2003, Masataka Ohta wrote:
> > > % > > % > > Beforehand, I'd like to summarize my talk for today's
> > > % > > % > > discussion about DNS Discovery and Autoconfiguration.
> > > % > > % > 
> > > % > > % > Autoconfiguration, as expected by IPv6 folds, is 
> > just impossible
> > > % > > % > that it is a pity that DNSOP WG is contaminated.
> > > % > > % > 
> > > % > > % > Autoconfiguration is easy on a single link 
> > isolated from the
> > > % > > % > Internet. But, that's all.
> > > % > > % 
> > > % > > % FWIW, my opinion on the subject;
> > > % > > % 
> > > % > > % DHCPv6-lite has been proposed as a means how to fix 
> > this problem.
> > > % > > % 
> > > % > > % My issue with DHCPv6-lite is that DHCPv6 spec is some 89 
> > > % > > pages, and most 
> > > % > > % options are some 5 (or more) pages more, each.
> > > % > > % 
> > > % > > % Even though DHCPv6-lite is only a subset of that, 
> > it still requires 
> > > % > > % reading, understanding etc. a lot of it.  It's much more 
> > > % > > difficult to get 
> > > % > > % the "big picture" of DHCPv6-lite this way.
> > > % > > % 
> > > % > > % Now, if we had specified DHCPv6 without address 
> > assignment (like I
> > > % > > % suggested, but that's beside the point), and put all of the 
> > > % > > stateful stuff
> > > % > > % ("cruft") in a separate "extension" RFC, we'd be talking 
> > > % > > about an entirely
> > > % > > % different issue.
> > > % > > % 
> > > % > > % I was a very simple to implement, robust mechanism 
> > that's easy to 
> > > % > > % understand.  Reading 20 selected pieces of a large document 
> > > % > > fills that 
> > > % > > % requirement, IMHO.
> > > % > > % 
> > > % > > % I want a spec which is simple and clear, and less than 
> > > % > > 15-20 pages long.
> > > % > > % 
> > > % > > % -- 
> > > % > > % Pekka Savola                 "You each name 
> > yourselves king, yet the
> > > % > > % Netcore Oy                    kingdom bleeds."
> > > % > > % Systems. Networks. Security. -- George R.R. Martin: 
> > A Clash of Kings
> > > % > > % 
> > > % > > % 
> > > % > > #-------------------------------------------------------------
> > > % > > ---------
> > > % > > % # To unsubscribe, send a message to 
> > <dnsop-request@cafax.se>.
> > > % > > % 
> > > % > > 
> > > % > > 
> > > % > > -- 
> > > % > > --bill
> > > % > > 
> > > % > > Opinions expressed may not even be mine by the time 
> > you read them, and
> > > % > > certainly don't reflect those of any other entity (legal or 
> > > % > > otherwise).
> > > % > > 
> > > % > > #-------------------------------------------------------------
> > > % > > ---------
> > > % > > # To unsubscribe, send a message to <dnsop-request@cafax.se>.
> > > % > > 
> > > % > 
> > #-------------------------------------------------------------
> > ---------
> > > % > # To unsubscribe, send a message to <dnsop-request@cafax.se>.
> > > % > 
> > > % 
> > > % -- 
> > > % Pekka Savola                 "You each name yourselves 
> > king, yet the
> > > % Netcore Oy                    kingdom bleeds."
> > > % Systems. Networks. Security. -- George R.R. Martin: A 
> > Clash of Kings
> > > % 
> > > 
> > > 
> > > 
> > 
> > -- 
> > Pekka Savola                 "You each name yourselves king, yet the
> > Netcore Oy                    kingdom bleeds."
> > Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
> > 
> > #-------------------------------------------------------------
> > ---------
> > # To unsubscribe, send a message to <dnsop-request@cafax.se>.
> > 
> 

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.

Prev by Date: Re: Stepping back on the DNS discovery discussion
Next by Date: Re: Stepping back on the DNS discovery discussion
Prev by thread: RE: Re: Stepping back on the DNS discovery discussion
Next by thread: regarding the respsize draft: preferring glue of certain types
Index(es):
- Date
- Thread

Home | Date list | Subject list