Juliusz Chroboczek <j...@irif.fr> wrote:
>> The front end naming architecture uses a primary and a secondary dns
server to
>> synchronize a zone.
> People will recall that the need for a hidden primary hasn't been
> established yet. Please see my unanswered e-mail of 21 November 2018.
> https://mailarchive.ietf.org/arch/msg/homenet/vz1kdCJISN6UPNZpj9ZD4e8EdwQ
We strongly believe that the HNA needs to know the list of names in order to
be able to answer for those names when there is unstable (or no) Internet
connectivity.
Otherwise, applications and people have to know two different names for the
service. (A public one for when away, and the .local one)
In our current draft we have:
2.1. Alternative solutions
An alternative to having a single zone is what is currently common
with IPv4, where a host uses a RESTful HTTP service to register a
single name into a common public zone. This is often called "Dynamic
DNS", and there are a number of commercial providers, including
dyn.com, ghandi.com. These solutions were typically used by a host
behind the CPE to make it's CPE IPv4 address visible, usually in
order to enable incoming connections.
For a small number (one to three) of hosts, use of such a system
provides an alternative to the architecture described in this
document. The alternative does suffer from some limitations:
o the CPE/HNA router is unaware of the process, and can not answer
for the same names when there are disruptions in connectivity.
This makes the home user using different names when there are
disruptions.
o the CPE/HNA router can not control the process. Any host can do
this regardless of whether or not the home network administrator
wants the name published or not. There is therefore no possible
audit trail.
o the credentials for the dynamic DNS server need to be securely
transferred to the hosts that wish to use it. This is not a
problem for a technical user to do with one or two hosts, but it
does not scale to multiple hosts and becomes a problem for non-
technical users.
o "all the good names are taken" - current services put everyone's
names into a some set of zones, and there are often conflicts.
Distinguishing similar names by delegation of zones was among the
primary design goals of the DNS system.
There is no technical reason why a RESTful cloud service could not
provide solutions to many of these problems, but this document
describes a DNS based solution.
--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
