Hi Paul, On 9/30/15 11:18 AM, Paul Hoffman wrote: > On 30 Sep 2015, at 8:12, Brian Haberman wrote: > >>>> ---------------------------------------------------------------------- >>>> COMMENT: >>>> ---------------------------------------------------------------------- >>>> >>>> I can't decide if I should ballot Yes because this document does a good >>>> job of describing how to deploy this approach or Abstain because the >>>> fragility introduced in this approach appears to be untenable. >>>> >>>> In the meantime, can someone explain why this document is stating a >>>> requirement to deploy this approach with IPv4 only? >>> >>> Yes. Given that this is running on loopback, it doesn't matter if the >>> service is running on either the v4 or v6 loopback address. Unless a >>> system running this service has absolutely no v4 at all (it doesn't even >>> need to be offering v4 service to customers), the v4 loopback address is >>> sufficient. >>> >>> There seems to be wide disagreement about what is the v6 loopback >>> address: some of these addresses exist on some v6 systems but not >>> others, or so we were told. If there is a v6 loopback address that is >>> universally deployed (as 127/8 is for v4), we can add it, although it >>> won't actually make this more deployable. >>> >>> --Paul Hoffman >> >> I am not sure how much clearer the definition of IPv6 loopback could be >> (https://tools.ietf.org/html/rfc4291#section-2.5.3). Of course, if it >> is an implementation issue, there is not much the IETF can do. >> >> Thanks for the quick response. > > If the WG agrees that 0:0:0:0:0:0:0:1 is always present, we can > certainly add that to the document. I now cannot find any on-list > mention of why this isn't useful in all v6-capable systems, so it might > have been a hallway conversation.
It seems like the WG can cover both address families by simply making
these changes:
OLD:
o The system MUST be able to run an authoritative server on one of
the IPv4 loopback addresses (that is, an address in the range
127/8).
NEW:
o The system MUST be able to run an authoritative server on one of
the loopback addresses (that is, an address in the range
127/8 for IPv4 or ::1 in IPv6).
OLD:
2. Start the authoritative server with the root zone on a loopback
address that is not in use. This would typically be 127.0.0.1,
but if that address is in use, any address in 127/8 is
acceptable.
NEW:
2. Start the authoritative server with the root zone on a loopback
address. This would typically be 127.0.0.1 in IPv4 or ::1 in
IPv6.
Why does the document say that the address should not be in use?
Brian
signature.asc
Description: OpenPGP digital signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
