Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Ted Lemon 14 May 2016 15:18 The only problem with that is that in the homenet ideally we'd like to have local names signed and validatable via DNSSEC, and that requires that the local namespace be global in scope, even if the names published in that namespace are no

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

The only problem with that is that in the homenet ideally we'd like to have local names signed and validatable via DNSSEC, and that requires that the local namespace be global in scope, even if the names published in that namespace are not. On Sat, May 14, 2016 at 8:51 AM, Ray Hunter (v6ops) wrot

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Ted Lemon wrote: If devices publish keys, then you can use those keys to make sure you are still talking to them. And the dnssec validation of local names would also work. Graceful renumbering should indeed result in DNS updates. Bear in mind that this is graceful, so the old and new ULAs

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

If devices publish keys, then you can use those keys to make sure you are still talking to them. And the dnssec validation of local names would also work. Graceful renumbering should indeed result in DNS updates. Bear in mind that this is graceful, so the old and new ULAs coexist for a while. On Ma

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Ted Lemon 12 May 2016 15:48 As long as the renumbering process is clean, there is no downside to renumbering, and no reason to be careful about which ULA you ultimately wind up with. So are you suggesting the Homenet (internal) namespace should be independent of UL

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

> What happens if that new router has been booted stand-alone (so it creates > its own ULA), and then joins the Homenet by being plugged in, and has > a higher node identifier? Each partition has at most one ULA. When the partition heals, a single ULA is retained. > Shouldn't this be a voting me

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

As long as the renumbering process is clean, there is no downside to renumbering, and no reason to be careful about which ULA you ultimately wind up with. On Thu, May 12, 2016 at 9:41 AM, Ray Hunter (v6ops) wrote: > > Juliusz Chroboczek > 12 May 2016 15:10 > > If I'm reading you correctly, Ray,

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Juliusz Chroboczek 12 May 2016 15:10 If I'm reading you correctly, Ray, you're promoting unstable naming. Not promoting. Looking at the consequences. If I have two routers called trurl and pirx in my network, then my printer will becalled diablo630.pi

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

If I'm reading you correctly, Ray, you're promoting unstable naming. If I have two routers called trurl and pirx in my network, then my printer will becalled diablo630.pirx.home whe pirx is up, diablo630.trurl.home when trurl is up, and either I reconfigure all of my hosts every time I swap a rout

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Ted Lemon 11 May 2016 20:03 DNS update is pretty simple. Any problem with using that? Not with the update mechanism itself I think you may be slightly conclusing "authoritative" and "primary." There is no need to elect authoritative servers--just make them sec

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Hm. Ok, good news. Makes the job a wee bit easier. On May 11, 2016 10:57 PM, "Mark Andrews" wrote: In message , Ted Lemon writes: > You don't even need SIG(0) to get the level of security that mDNS provides. > And SIG(0) doesn't work right now, because it relies on an older version > of DNSSEC k

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

In message , Ted Lemon writes: > You don't even need SIG(0) to get the level of security that mDNS provides. > And SIG(0) doesn't work right now, because it relies on an older version > of DNSSEC keys. Remember the flag day? DNSSEC depends on DNSKEY as of RFC 403[345] SIG(0) depends on KEY.

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

You don't even need SIG(0) to get the level of security that mDNS provides. And SIG(0) doesn't work right now, because it relies on an older version of DNSSEC keys. Remember the flag day? On Wed, May 11, 2016 at 8:33 PM, Mark Andrews wrote: > > SIG(0) works fine for DDNS once you have a KEY

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

SIG(0) works fine for DDNS once you have a KEY record installed in the DNS. KEY can be installed on a "add if name does not exist basis" for forward zone and add if TCP self (owner name is the matching in-addr.arpa/ip6.arpa name of the TCP source address) is true for the reverse zones. This requ

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

> So the naming protocol has to work with renumbering; ideally though > intra-homenet communications would use the homenet's ULA, That's not the point I'm making. I mean that numbers are not user-visible, while names obviously are. That would seem to imply that naming is at a higher level than e

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Spoken like a network administrator. Of course, homenets have to be able to renumber, but there is no "I" involved. So the naming protocol has to work with renumbering; ideally though intra-homenet communications would use the homenet's ULA, and so renumbering wouldn't happen other than when tw

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Juliusz Chroboczek 11 May 2016 18:29 Bonjour is (roughly) based on Appletalk AFAIK. I've got nothing against Appletalk Phase II, so if Bonjour was extended to provide an equivalent function to Appletalk Phase II Zone Information Protocol = ZIP then I'd b

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

>>> So perhaps you think of DNS data as being higher-layer than routing data >>> and numbering data? >> Do you not? > No. Why are names different than numbers? I should be able to renumber without telling my users. -- Juliusz ___ homenet mailing list

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

No. Why are names different than numbers? On Wed, May 11, 2016 at 2:13 PM, Juliusz Chroboczek < j...@pps.univ-paris-diderot.fr> wrote: > >> No (HNCP manages quite a bit of hard state, unfortunately). I think > >> I meant "able to interpret higher-layer data", but I'm no longer sure > ;-) > > >

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

>> No (HNCP manages quite a bit of hard state, unfortunately). I think >> I meant "able to interpret higher-layer data", but I'm no longer sure ;-) > So perhaps you think of DNS data as being higher-layer than routing data > and numbering data? Do you not? -- Juliusz ___

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

DNS update is pretty simple. Any problem with using that? I think you may be slightly conclusing "authoritative" and "primary." There is no need to elect authoritative servers--just make them secondary to the elected primary. You can't have two primaries with stock DNS--that's probably the big

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Ted Lemon 11 May 2016 18:37 > I don't like the hybrid proxy model either. It promises the union of > the problems and intersection of the functionality. Proxying flies in > the face of the trend of smart devices and dumb networks. Very well put.

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Hm, okay. So perhaps you think of DNS data as being higher-layer than routing data and numbering data? On Wed, May 11, 2016 at 1:00 PM, Juliusz Chroboczek < j...@pps.univ-paris-diderot.fr> wrote: > > I tend to think of routing protocols and election protocols as > "intelligent", > > but perhaps

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

> I tend to think of routing protocols and election protocols as "intelligent", > but perhaps you meant something different... :) > E.g., did you mean "stateful?" No (HNCP manages quite a bit of hard state, unfortunately). I think I meant "able to interpret higher-layer data", but I'm no longer

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

I tend to think of routing protocols and election protocols as "intelligent", but perhaps you meant something different... :) E.g., did you mean "stateful?" On Wed, May 11, 2016 at 12:47 PM, Juliusz Chroboczek < j...@pps.univ-paris-diderot.fr> wrote: > >>> Proxying flies in the face of the trend

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

>>> Proxying flies in the face of the trend of smart devices and dumb >>> networks. > Be that as it may, Homenet in general flies in the face of that trend. Not sure. If you look at HNCP, the only intelligence there is a bunch of election algorithms (prefix assignment is just election with non-l

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

On Wed, May 11, 2016 at 12:29 PM, Juliusz Chroboczek < j...@pps.univ-paris-diderot.fr> wrote: > > I don't like the hybrid proxy model either. It promises the union of > > the problems and intersection of the functionality. Proxying flies in > > the face of the trend of smart devices and dumb net

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

> Bonjour is (roughly) based on Appletalk AFAIK. I've got nothing against > Appletalk Phase II, so if Bonjour was extended to provide an equivalent > function to Appletalk Phase II Zone Information Protocol = ZIP then I'd be > happier. That would cover concerns on non-overlapping name spaces. And >

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

On 11 May 2016, at 15:01, Ray Hunter (v6ops) > wrote: Tim Chown wrote: On 25 Apr 2016, at 03:39, Ted Lemon > wrote: On Sun, Apr 24, 2016 at 12:29 PM, Juliusz Chroboczek > wrote: > Juliusz, the proble

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Hi Ray, On 11 May 2016, at 15:01, Ray Hunter (v6ops) mailto:v6...@globis.net>> wrote: Tim Chown wrote: On 25 Apr 2016, at 03:39, Ted Lemon mailto:mel...@fugue.com>> wrote: On Sun, Apr 24, 2016 at 12:29 PM, Juliusz Chroboczek mailto:j...@pps.univ-paris-diderot.fr>> wrote: > Juliusz, the proble

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Tim Chown wrote: On 25 Apr 2016, at 03:39, Ted Lemon > wrote: On Sun, Apr 24, 2016 at 12:29 PM, Juliusz Chroboczek > wrote: > Juliusz, the problem is that existing home network devices that do > DNS-based service discov

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Hi, > On 5 May 2016, at 13:37, Juliusz Chroboczek > wrote: > >>> We can and should. The problem is that we won't see that code ship in >>> new devices anytime soon, so we still have to make mDNS work. > >> And this is why the dnssd WG is focused on making mDNS work on >> multi-subnet networks

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

>> We can and should. The problem is that we won't see that code ship in >> new devices anytime soon, so we still have to make mDNS work. > And this is why the dnssd WG is focused on making mDNS work on > multi-subnet networks. Is there something I can read on this particular subject? -- Julius

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

> On 25 Apr 2016, at 03:39, Ted Lemon wrote: > > On Sun, Apr 24, 2016 at 12:29 PM, Juliusz Chroboczek > mailto:j...@pps.univ-paris-diderot.fr>> > wrote: > > Juliusz, the problem is that existing home network devices that do > > DNS-based service discovery do not support DNS update. They could,

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

On Sun, Apr 24, 2016 at 12:29 PM, Juliusz Chroboczek < j...@pps.univ-paris-diderot.fr> wrote: > > Juliusz, the problem is that existing home network devices that do > > DNS-based service discovery do not support DNS update. They could, but > > they don't, because we didn't define an easy way for t

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

> Juliusz, the problem is that existing home network devices that do > DNS-based service discovery do not support DNS update. They could, but > they don't, because we didn't define an easy way for them to do it. I'd be grateful if you could expand on that. Why can't we define a way for clients to

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

On 24.4.2016, at 6.03, Ted Lemon wrote: > Juliusz, the problem is that existing home network devices that do DNS-based > service discovery do not support DNS update. They could, but they don't, > because we didn't define an easy way for them to do it. Just 2136 isn't > enough, because there

Re: [homenet] Updating DNS [was: How many people have installed the homenet code?]

Juliusz, the problem is that existing home network devices that do DNS-based service discovery do not support DNS update. They could, but they don't, because we didn't define an easy way for them to do it. Just 2136 isn't enough, because there's no authentication scheme, and name servers typica

[homenet] Updating DNS [was: How many people have installed the homenet code?]

>> Do you mean, (1) how is a DNS resolver advertised to clients, or >> (2) how clients are registered in DNS ? >> >> (1) is done by using the -N flag on the router advertising an external >> connection (-E). This flag can be repeated multiple times. > hnetd grabs this automatically from wan-faci