On Mon, Mar 21, 2016 at 06:22:52PM -0700, 神明達哉 wrote: > At Tue, 22 Mar 2016 01:15:48 +0530, > Mukund Sivaraman <m...@isc.org> wrote: > > > > > (1) Section 7.2.1. Authoritative Nameserver: > > > > I'm confused about the revised Section 7.2.1 regarding overlapping > > > prefixes. The 07 version of the draft now states: > > > > > > [...] Because it can't be guaranteed that queries for all > > > longer prefix lengths would arrive before one that would be answered > > > by the shorter prefix length, an Authoritative Nameserver MUST NOT > > > overlap prefixes. > > > > > > But the above "trivial example" seems to talk about what an > > > authoritative nameserver would do if it overlaps prefix...doesn't it > > > simply break the MUST NOT in the first place? > > > > When overlapped address prefixes occur in zone data (the configuration > > provided by an administrator to the authoritative nameserver), the > > authoritative server should resolve the overlap by deaggregating > > prefixes such that the prefixes in the Authoritative Nameserver's reply > > messages do not overlap. > > At least to me, "MUST NOT overlap" can't obviously read that way. I > think some more wording clarification is needed. Also, what about > the "warn and continue" behavior of this one? > > 2. Alert the operator that the order of queries will determine which > answers get cached, and either warn and continue or treat this as > an error and refuse to load the configuration. > > If it's not considered a violation of the MUST NOT, I think we need > more explanation here, too.
You're right. It should be described more clearly.
Mukund
signature.asc
Description: PGP signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
