To:
ietf-provreg@cafax.se
From:
Kent Crispin <kent@songbird.com>
Date:
Fri, 6 Apr 2001 10:55:39 -0700
In-Reply-To:
<a0510090ab6f3a42516aa@[10.10.20.173]>; from Jordyn A. Buchanan on Fri, Apr 06, 2001 at 01:01:07PM -0400
Mail-Followup-To:
ietf-provreg@cafax.se
Sender:
owner-ietf-provreg@cafax.se
Subject:
Re: Nameserver MUST HAVE IP
On Fri, Apr 06, 2001 at 01:01:07PM -0400, Jordyn A. Buchanan wrote: > >> If you are the authoritative registry for a TLD and you don't have > >> the IP address of a name server within your TLD, how can the NS's IP > >> address possibly be found through a "normal lookup"? > > > >You are mixing some things. Kent catched the sentence. > > No I'm not. You're arguing against a requirement that doesn't exist. > The requirements document says that IP addresses have to be present > for name servers within the TLD, it doesn't contemplate whether they > have to exist for name servers within the SLD. I don't know if I understand what you are saying. Is ns1.x.com a nameserver in the .com TLD? If not, then the requirement is empty. If yes, then Elmar's point holds. It is perfectly possible to have a nameserver externalns.x.com not be a server for the x.com zone, and just be a server for external domains. [...] > >I never understand the sense of the NSI requirements and the need for host > >handles. In Germany, we have more then 4,000,000 DE-domains, we only > >require the IP of the DNS, if the DNS is in the domain (eg. DNS > >"ns3.knipp.de" is responsible for the domain "knipp.de"). > > Within your registry, you can deal with this however you want. If > you want to create a new name server object each and every time a > name server is used, that's up to you. Personally, I think that's > pretty inefficient. I believe that the point is that the protocol requires you to supply an address *when you register*. This is unnecessary as a requirement, because there are three cases: 1) ns name is already registered 2) ns name is not registered but in the dns 3) ns name is not registered and not in the dns and only in this last case is it really necessary to supply an address. (Note that this condition is a more general description saying you need glue records.) But this last case is very rare these days. I would wager that if we examined the .com zone we would find that the large majority of domain names have nameservers outside their SLD. > However, if someone specifies the name server "ns3.knipp.de", and the > name server "ns3.knipp.de" does not exist within the .DE registry, > that's a problem. The name ns3.knipp.de exists within the .de tree, by definition, so if it exists at all, it is within the .de tree. So your condition reduces to "ns3.knipp.de" doesn't exist at all. Yes, that is a problem. The more interesting example would be "ns3.knipp.com" being a ns for the knipp.de domain. It makes sense that ns3.knipp.com should not be registered in the .de TLD... > You should be handing out glue records for name > servers within your TLD. Taking your argument to an extreme, it's > possible to have a situation in which xxx.de has the name servers > ns1.yyy.de and ns2.yyy.de, with no IP address information. yyy.de > could have the name servers ns1.xxx.de and ns2.xxx.de, with no IP > address information. In that scenario, both xxx.de and yyy.de are > broken. If you require that all .de name servers have IP addresses > associated with them, that can't happen. Yes, as I said, the requirement may reduce the likelihood of broken delegations, but I'm not sure how common the problem may be. -- Kent Crispin "Be good, and you will be kent@songbird.com lonesome." -- Mark Twain