At 22:17 +0200 9/2/09, bert hubert wrote:
> DNS can be seen as two things - one is about actual zones, and
> distributing them over AXFR, and supporting things like dynamic
> updates etc.
>
> The other DNS is about answering questions in a valid way, without
> being interested in the backend, since it is out of sight.
>
> In this second sense, scripting answers works very well, and powers
> autogenerated PTR records, but also interesting forms of
> (geographical) load balancing.
>
> So for most people, it really works very well - even if there is no
> zone that can be transferred, or updated using dynamic updates.

If "you can think of DNS as strictly a query-response protocol on
port 53" and discard the notions of zones, name server
synchronization, etc., you can get a solution that works over the
short haul or in a confined environment. But if you count on this
for a long-range strategy, you will suffer for your myopia.

Answering from a script/algorithm and not a zone-file or
zone-in-a-data-structure is fine. But if you ignore the other
elements of the DNS protocol, the solution is not long for the world.

The reason is that it is much more expensive to operate "oddball"
devices than to stick with compliant devices. Staff retire, go on
vacation, etc. We can't have warts, or many of them, in a data
center.

The WG sputters so much about middleboxes, proxies, etc. that
implement a curbed version of DNS and cry that they are the root of
many ills (UDP fragmentation, capping port 53 traffic to 512 bytes).
Then we turn around and say it's okay to put a hobbled DNS on port 53.

> Dunno - I don't hear any users clamoring for it. They typically think
> of DNS in the second sense.

Of course you don't. You hear users clamoring for populating an IPv6
reverse map zone - they don't say how because they expect the DNS
implementations to take care, provide a quality solution. If you do
a disposable solution, fine, you'll have a quick solution. But it
won't last.

There's no reason we can't derive a generalized synthesis
(generalized with respect to RFC 4592) if one would be beneficial to
the protocol.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar You can leave a voice message at +1-571-434-5468
As with IPv6, the problem with the deployment of frictionless surfaces is
that they're not getting traction.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop