Re: [DNSOP] [as112-ops] Request to adopt draft-sotomayor-as112-ipv4-cull as WG item (fwd)

Fri, 13 Apr 2012 00:42:03 -0700 

Hello,

Joe Abley wrote:

I think that we need a better mechanism to avoid lame delegations to the
AS112 servers, given their loosely-coordinated nature.



I like the idea that came up in Québec (which I shall attribute to
Warren Kumari since I've seen other people do that, although I was not
in the room at the time) that the add/drop problem is a lot simpler if
every AS112 node hosts the zone


+1


$ORIGIN .
@ SOA ...
NS something
NS sensible


I think the AS112 root zone database could look something like this:

$ORIGIN .
$TTL 3600000
.                               IN SOA  <node-fqdn> <node-contact> (
        2012041200 3600 900 604800 86400 )
.                               IN NS   as112-tracker.dns-oarc.net.
.                               IN NS   blackhole-1.as112.net.
.                               IN NS   blackhole-2.as112.net.
as112-tracker.dns-oarc.net.     IN A    <something>
as112-tracker.dns-oarc.net.     IN AAAA <something>
blackhole-1.as112.net.          IN A    <something>
blackhole-1.as112.net.          IN AAAA <something>
blackhole-2.as112.net.          IN A    <something>
blackhole-2.as112.net.          IN AAAA <something>
hostname.as112.net.             IN TXT  "<organization>, <location>"
hostname.as112.net.             IN TXT  "See http://as112.net/ for more 
information."
hostname.as112.net.             IN LOC  <something>


Purpose of this tracker is to allow WfMS et al to know where all the 
nodes are. The node-fqdn is supposed to be a unicast (as opposed to 
anycast) address and it should also be configured as the notify-source.



and answers authoritatively on the addresses corresponding to
"something" and "sensible", returning NXDOMAIN for everything in the
entire namespace apart from . (for which they ought never receive
queries anyway). This is ugly to some eyes, but it works for domainers
and it ought to work for us too. Any zones that were subsequently
delegated to "something" and "sensible" (e.g. as part of an IANA action)
would be immediately supported with no need for changes on any of the
nodes offering service for "something" and "sensible".



As in my example above, the empty "fake root zone" needs to still have 
at least hostname.as112.net as well...



This document (as112-cull) attempts to do some of this work, but I don't
see a reason to bite off small mouthfuls if we can expend a small amount
of extra effort and eat the whole sandwich at once.


Hear hear.

--
        Aleksi Suhonen
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop














    











					Reply via email to