

To: "Jaehoon Jeong" <paul@etri.re.kr>
Cc: "DNSOP WG" <dnsop@cafax.se>
From: "BELOEIL Luc FTRD/DMI/CAE" <luc.beloeil@rd.francetelecom.com>
Date: Tue, 24 Jun 2003 10:12:52 +0200
content-class: urn:content-classes:message
Sender: owner-dnsop@cafax.se
Thread-Index: AcM6EqDRy7mk4H8uRQ+e7bem3CcmpQADmu+Q
Thread-Topic: Comment on draft-jeong-hmipv6-dns-optimization-01.txt
Subject: Comments on draft-jeong-***-dns-***.txt

Hi all, 

Those drafts are really interesting, and I also have several comments.

1- Concerning http://www.paul.6ants.net/data/draft-jeong-hmipv6-dns-optimization-01.txt
	- RDNSS Failure detection, I do think that is necessary but I do not think that is a job for a MAP. IMHO, it should be simpler to have several "recursive DNS resolvers". If one fails the client will try the next resolver in its list.


2- Concerning http://www.ietf.org/internet-drafts/draft-jeong-ipv6-ra-dns-autoconf-00.txt

	- I would prefer not to send "DNS option message" in all RA so as to minimize exchanged information.
	- If a DNS server accepts Dynamic DNS update, I would prefer that it does not perform recursive resolution at the same time. IMHO those are different functions that must be separated. I would prefer an option for advertising "Dynamic DNS update capable DNS server" and another one for "recursive DNS resolvers".
	- It's a good idea to advertise DNS zone suffix. Shouldn't it be better to advertise that in a separate option or more likely in a sub-option?
	- Dynamic DNS update seems not to be an autoconfiguration mechanism as someone needs to configure "user identifier". Did I miss something?
	- I would not like to run a DNS server that accepts Dynamic DNS update from untrusted nodes, even if that could help autoconfiguration... We need a secure mechanism but that is really not simple.
	- In section 7, I do not clearly understand your point "Like this, DNS server MAY discard some or all DNS messages when being filled with the messages." To my mind, if the DNS server acts like this, it may not answer some requests, thus that is a DoS attack!?

I hope that could help,

Luc 
