On Oct 26, 2018, at 13:33, Ray Bellis <r...@bellis.me.uk> wrote:

>   The examples here use a loopback address of 127.12.12.12, but typical
>   installations will use 127.0.0.1.  The different address is used in
>   order to emphasize that the root server does not need to be on the
>   device at the name "localhost" which is often locally served as
>   127.0.0.1.

Perhaps the pertinent question is why the word "loopback" features in
that text at all.

If the group thinks that a loopback interface is the right way to
connect local-root and resolver then perhaps provide that
recommendation explicitly with rationale. The general case surely does
not require the connecting network to be a loopback interface, and the
text you quoted could be interpreted as suggesting otherwise.

(The connecting network could be a bit of Internet, or a local switch,
or virtual switch between VMs, or something implementation-specific
between containers, or...)

I think it's probably reasonable to observe that there is a dependency
between the local root server and the resolver and that if the former
is not available to the latter there might be unexpected failures.
Orchestration of workloads to reflect that dependency is arguably
easier in some of those scenarios than others seems reasonable. I
still don't think there's any need to be prescriptive about the use of
a loopback interface.

I think the whole document could be reasonably re-cast to make it more
clear that "same server" is really just one example of the use of a
local root, and that many other scenarios are plausible.

Happy to contribute if the group considers this to be a reasonable
idea and not simply the dangerous ravings of a known lunatic.


Joe

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to