[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-ipv6-unique-local-addr-08.txt

Thus spake "Brian McGehee" <doc@xxxxxxxxxx>
I have to agree with this MUST NOT.

|+    Advertising locally assigned ULA AAAA records in the global DNS
|+    MUST NOT occur as they are not globally unique and will lead
|+    to unexpected connections.

Although there is a good chance that someone else in the world has my same
name, they don't receive their mail at my home address.  OK, Bad example
(reversed).  But if there is a chance of overlap; allowing this insures
there is a chance of misdirection.

My original thought in allowing ULA AAAA records in the global DNS was that it is not operationally feasible to expose those records to all of the hosts that have connectivity to those addresses and no others, particularly when you're using them to communicate privately to another organization.

There is certainly a failure mode where two parties may inadvertently select the same prefix and one may get traffic intended for the other due to entries in the global DNS, but that is no different from someone publishing a ULA IP address on a web page instead of a DNS name that points to that address. The failure is the collision, not the DNS entry.

I did think about this and considered the odds of the above happening to be significantly lower than the risk of a host not being able to resolve names for machines it can reach via a ULA because it (or its nameserver) is inadvertently using the global DNS instead of a local zone file.


Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking

-------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@xxxxxxxx Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------