All it would mean is that the aviation industry that wanted its
"private" network would have to host a "root" DNS server for that
network and advise its members to include it in their hints.  I don't
see that being a big issue. In fact it makes sense from a security
perspective.  

And again, with trivial ACLs the "private" network could be managed out
of PI/PA.



> -----Original Message-----
> From: Stephen Sprunk [mailto:[EMAIL PROTECTED] 
> Sent: Monday, July 09, 2007 9:53 AM
> To: Eliot Lear
> Cc: Thomas Narten; Mark Andrews; ipv6@ietf.org; Pekka Savola
> Subject: Re: draft-ietf-ipv6-ula-central-02.txt
> 
> Thus spake "Eliot Lear" <[EMAIL PROTECTED]>
> > Stephen Sprunk wrote:
> >> The supposed use case for ULA-C is large orgs who interconnect
> >> privately with other large orgs.  If you _don't_ allow ULA-Cs in the
> >> global reverse DNS, then every org in the internetwork must hack
> >> their local DNS servers to recognize every other org's reverse DNS
> >> entries.  That is painful and unnecessary.
> >
> > To borrow your logic, if this space is truly private why should this
> > be an issue?
> 
> That hinges on the meaning of "private".  Imagine a private 
> internet for the aviation industry; there would be thousands 
> of players, each supposedly with their own ULA-C/G block.  
> Every player would need to hack their DNS servers to account 
> for every other player's RDNS settings, and any time someone 
> new joined or someone existing wanted to update their 
> settings, thousands of other operators would need to change 
> their hacks to keep things working. 
> The odds of that being successful in practice are so low 
> they're not worth considering.
> 
> >> There are operational concerns with putting ULA(-C) addresses in
> >> forward DNS; nobody argues with that. However, putting ULA-C
> >> addresses in reverse DNS harms nobody who can't reach those addresses
> >> yet greatly benefits those that can.
> >
> > The delegation must be maintained and occasionally updated. Who does that?
> 
> Whoever is designated as the central authority.  It is 
> necessary for there to be a database to keep blocks unique, 
> and that database will need billing and contact information, 
> so the addition of a couple of NS entries for each block is 
> trivial.  All we're discussing now is whether that 
> information is exposed via the global DNS.
> 
> > At this point it is plain to see that ULA-C is nothing but PI address
> > space, because the IETF is in no position to enforce otherwise.  So
> > please, let's just call it what it is.
> 
> Exactly.
> 
> S
> 
> Stephen Sprunk      "Those people who think they know everything
> CCIE #3723         are a great annoyance to those of us who do."
> K5SSS                                             --Isaac Asimov 
> 
> 
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
> 
