On Oct 26, 2018, at 13:33, Ray Bellis <r...@bellis.me.uk> wrote: > The examples here use a loopback address of 127.12.12.12, but typical > installations will use 127.0.0.1. The different address is used in > order to emphasize that the root server does not need to be on the > device at the name "localhost" which is often locally served as > 127.0.0.1.
Perhaps the pertinent question is why the word "loopback" features in that text at all. If the group thinks that a loopback interface is the right way to connect local-root and resolver then perhaps provide that recommendation explicitly with rationale. The general case surely does not require the connecting network to be a loopback interface, and the text you quoted could be interpreted as suggesting otherwise. (The connecting network could be a bit of Internet, or a local switch, or virtual switch between VMs, or something implementation-specific between containers, or...) I think it's probably reasonable to observe that there is a dependency between the local root server and the resolver and that if the former is not available to the latter there might be unexpected failures. Orchestration of workloads to reflect that dependency is arguably easier in some of those scenarios than others seems reasonable. I still don't think there's any need to be prescriptive about the use of a loopback interface. I think the whole document could be reasonably re-cast to make it more clear that "same server" is really just one example of the use of a local root, and that many other scenarios are plausible. Happy to contribute if the group considers this to be a reasonable idea and not simply the dangerous ravings of a known lunatic. Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop