[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Response to AD comments on draft-ietf-ipv6-unique-local-addr-03.txt



Pekka Savola <pekkas@netcore.fi> wrote:

|On Mon, 12 Apr 2004, Tony Hain wrote:
|> Again,
|> unless there is impact to a 3rd party, putting local use addresses in the
|> global DNS is none of the IETF's business.
|
|If you look at the case 1) below, that for certainty is a case which
|would impact third parties.

People who are accessing your names in your DNS are not third parties; they
are first parties (or maybe second parties :).

Note that discussion of a "global DNS" tends to imply that there is some other
kind, indirectly endorsing multi-face and such.  Prohibiting addresses from
a "global DNS" virtually requires the use of multi-face.  Do we really want
to go there?  I'm not one who wants to prohibit multi-face DNS for those who
want it, but I don't want to be forced to use it myself...

				Dan Lanciani
				ddl@danlan.*com

|> > -----Original Message-----
|> > From: Pekka Savola [mailto:pekkas@netcore.fi]
|> > Sent: Friday, April 09, 2004 10:57 PM
|> > To: Tony Hain
|> > Cc: 'Dan Lanciani'; ipv6@ietf.org
|> > Subject: RE: Response to AD comments on draft-ietf-ipv6-unique-local-addr-
|> > 03.txt
|> > 
|> > On Fri, 9 Apr 2004, Tony Hain wrote:
|> > > I agree with Dan. Unless someone can show explicit harm to a third party
|> > by
|> > > putting them in the global DNS, there is no reason to even discuss their
|> > > presence or absence in the global DNS.
|> > 
|> > I think there are two (operational -- can't be checked by the
|> > implementation) cases here:
|> > 
|> >  1) putting in local addresses to global DNS names which are expected
|> >     to be used by outsiders who are not interested of local
|> >     addresses, or to whom local addresses could even mean a
|> >     service degradation. (e.g., www.example.com, smtp.example.com,
|> >     etc.etc.)
|> > 
|> >  2) putting in local addresses for names which are not expected to be
|> >     used (e.g., "canada.vpn.example.com", to perform some kind of
|> >     "auto-discovery" functions) except who know which hostnames those
|> >     are and know what they're doing.
|> > 
|> > In the former, adding them makes very little sense.  In the latter,
|> > adding them might be beneficial, while I'm not sure I can see the
|> > scenario as I think one might want to use global addresses instead..
|> > 
|> > > > -----Original Message-----
|> > > > From: ipv6-admin@ietf.org [mailto:ipv6-admin@ietf.org] On Behalf Of
|> > Dan
|> > > > Lanciani
|> > > > Sent: Friday, April 09, 2004 1:16 PM
|> > > > To: ipv6@ietf.org
|> > > > Subject: Re: Response to AD comments on draft-ietf-ipv6-unique-local-
|> > addr-
|> > > > 03.txt
|> > > >
|> > > > Kurt Erik Lindqvist <kurtis@kurtis.pp.se> wrote:
|> > > >
|> > > > |> |=> At least you and I agree FWIW :)
|> > > > |> |Perhaps I missed this discussion, but I can't see
|> > > > |> |why they should be put in the global DNS.
|> > > > |>
|> > > > |> One might want to build an overlay network where consenting sites
|> > know
|> > > > |> how
|> > > > |> to reach each other by constructing dynamic tunnels based on some
|> > (yet
|> > > > |> to
|> > > > |> be defined) mapping function.  Thus the addresses may well be
|> > > > |> reachable in
|> > > > |> some sense.
|> > > > |
|> > > > |But is this reason enough to have them in the global DNS tree.
|> > > >
|> > > > Certainly.  If they are in the global DNS then the overlay network can
|> > be
|> > > > handled entirely by routers (or even stub hosts) that know how to look
|> > up
|> > > > the
|> > > > mapping and create the tunnels.  This is the approach I intend to use
|> > if
|> > > > unique
|> > > > addresses become a reality.  If the addresses are not allowed in the
|> > > > global DNS
|> > > > then multi-faced or multi-rooted DNS (or worse) hacks are required to
|> > > > allow
|> > > > applications to see the addresses in the first place.
|> > > >
|> > > > I strongly object to restricting unique addresses from the global DNS.
|> > It
|> > > > seriously compromises their utility and it does nothing to make
|> > anyone's
|> > > > life easier.  Applications must already deal with the case of
|> > addresses
|> > > > that
|> > > > are not reachable because of filters.  There is no reason to single
|> > these
|> > > > addresses out for second-class treatment.
|> > > >
|> > > > 				Dan Lanciani
|> > > > 				ddl@danlan.*com
|> > > >
|> > > > --------------------------------------------------------------------
|> > > > IETF IPv6 working group mailing list
|> > > > ipv6@ietf.org
|> > > > Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
|> > > > --------------------------------------------------------------------
|> > >
|> > >
|> > > --------------------------------------------------------------------
|> > > IETF IPv6 working group mailing list
|> > > ipv6@ietf.org
|> > > Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
|> > > --------------------------------------------------------------------
|> > >
|> > 
|> > --
|> > Pekka Savola                 "You each name yourselves king, yet the
|> > Netcore Oy                    kingdom bleeds."
|> > Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
|> 
|> 
|> --------------------------------------------------------------------
|> IETF IPv6 working group mailing list
|> ipv6@ietf.org
|> Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
|> --------------------------------------------------------------------
|> 
|
|-- 
|Pekka Savola                 "You each name yourselves king, yet the
|Netcore Oy                    kingdom bleeds."
|Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
|
|
|--------------------------------------------------------------------
|IETF IPv6 working group mailing list
|ipv6@ietf.org
|Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
|--------------------------------------------------------------------
|

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------