....yeah, a simple example of such an exception is an anycast DNS network which doesn't even look at the source IP address, but just has completely different zones deployed in different points of presence. When a PoP goes down, the same IP address will be directed to another PoP and will start receiving data from a different "horizon" (there might be a better metaphor for this concept).
| Artyom Gavrichenkov | gpg: 2deb 97b1 0a3c 151d b67f 1ee5 00e7 94bc 4d08 9191 | mailto: xima...@gmail.com | fb: ximaera | telegram: xima_era | skype: xima_era | tel. no: +7 916 515 49 58 On Mon, Mar 19, 2018 at 6:09 PM, Artyom Gavrichenkov <xima...@gmail.com> wrote: > On Mon, Mar 19, 2018 at 6:05 PM, Bob Harold <rharo...@umich.edu> wrote: >> In practice this is done by using either different DNS servers (or >> processes), or multiple "views" in a DNS configuration. > > Another issue here is that, for some enterprises at least, there's no > single "internal network" anymore. There are different network scopes > (_sometimes_ nested) ranging from "formally internal but treated as > almost external" to "air gap-separated DMZ", with different policies, > including different DNS policies. > > My second thought (personally) is that there might be a reason to just > bury the "split DNS" definition whatsoever and to just define a > "multi-horizon DNS", where a "horizon" is defined by a company's > policy and _usually_ depends on the source IP address of a query > (there may be exceptions). > > | Artyom Gavrichenkov > | gpg: 2deb 97b1 0a3c 151d b67f 1ee5 00e7 94bc 4d08 9191 > | mailto: xima...@gmail.com > | fb: ximaera > | telegram: xima_era > | skype: xima_era > | tel. no: +7 916 515 49 58 _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
