On 3/19/18 11:14 AM, Jim Reid wrote:
On 19 Mar 2018, at 18:09, Artyom Gavrichenkov <xima...@gmail.com> wrote:
Another issue here is that, for some enterprises at least, there's no
single "internal network" anymore.
We don't need to enumerate every potential split DNS scenario (or how it's implemented).
The original text says "there are many potential variants". That should be
enough for this document. The simple example of one internal and one external net will do
for illustrative purposes.
Rather than try for some physical demarcation like "firewall" or
"network," why don't we simply say "organizationally-defined perimeter"
or "perimeter defined by the organization," which leaves it vague enough
to support the "many potential variants"?
E.g. in Paul H.'s original text
Instead of: "Where a corporate network serves up partly or completely
different DNS inside and outside its firewall."
Use: "Where a corporate [enterprise?] network serves partly or
completely different DNS based on a client's location inside or outside
of a perimeter defined by that organization."
This also gives the enterprise organization both the authority (and
onus) to define its perimeter in a reasonable logical way.
michael
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
