To: Rob Austein <sra+dnsop@hactrn.net>
CC: dnsop@cafax.se
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Date: Sat, 9 Aug 2003 09:38:27 +0859 ()
In-Reply-To: <20030808193656.237A618E0@thrintun.hactrn.net> from Rob Austein at "Aug 8, 2003 03:36:56 pm"
Sender: owner-dnsop@cafax.se
Subject: Re: scope

Rob Austein;

> One place where these approaches differ in interesting ways, however,
> is in the default behavior.

> Assuming that one buys this analysis, this says that the well-known
> address approach is significantly different,

Other hop-by-hop-relaying (multicast does not qualify) approaches
may also be modified to let routers, by default, relay information
from all interfaces to all the other interfaces, if they are
protected from loops and have some preference metric to
multiple sources of the information.

But, the simplest way is to just rely on routing protocols.

> Good, because it means that dumb edge networks may just
> inherit the necessary data from the larger networks to which they're
> attached (although one might have security issues, eg, trust
> boundaries for use of the AD bit).

Considering that the requirement is, perhaps, maybe, hopefully, to
reduce configuration effort of host and site administrators
as much as possible, it is good.

> Bad, because this has the
> potential to turn into a bug amplifier.  Think, for example, about a
> hypothetical firewall product that blocks inbound recursive responses:
> this doesn't hurt the outside world so long as the well-known address
> points to something inside the firewall, but what happens if the
> well-known address route gets hosed?  Oops.

> Bottom line is that thinking about fault isolation gives me another
> reason for discomfort with the well-known address approach.  YMMV.

You are merely claiming that implementations of relaying entities
may be buggy, applicable to all the approaches (including the multicast
one, this time).

In addition, it should also be claimed that manual configuration of
relaying entities may be wrong, so that the number of configured
entities should be small.

							Masataka Ohta