To rephrase, it sounds like you are proposing a rule that zones should be configured to use at most one glueless delegation step.
Under this rule, one cannot place an "unrelated nameserver name" anywhere beneath a zone cut that itself uses an unrelated nameserver. Effectively, all zones below such a zone cut are "second class" zones for this purpose. This breaks a symmetry of the DNS: there are now two different kinds of zones, where previously there was only one. It's also strange that this distinction depends on the configuration of some parent or grandparent zone that is not controlled by the zone in question, and can change at any time. I appreciate that glueless delegations have some downsides, and may be worth avoiding in some cases, but I think the proposed rule is too restrictive. I would be more interested in a document (perhaps non-IETF) showing how adding complexity to your zone's resolution process impacts resolution time, error rate, and frequency of misconfigurations. --Ben Schwartz ________________________________ From: DNSOP <dnsop-boun...@ietf.org> on behalf of Kazunori Fujiwara <fujiw...@jprs.co.jp> Sent: Sunday, March 3, 2024 11:34 PM To: dnsop@ietf.org <dnsop@ietf.org> Subject: [DNSOP] unrelated name server name recommendation !-------------------------------------------------------------------| This Message Is From an Untrusted Sender You have not previously corresponded with this sender. |-------------------------------------------------------------------! dnsop WG, "unrelated" (or, previosly called as out-of-bailiwick) name server names are necessary for DNS hosting providers. However, it increases name resolution costs. Furthermore, it makes it easy to make mistakes like cyclic dependencies. So, I would like to make some recommendations on "unrelated" name server names. I submitted "draft-fujiwara-dnsop-unrelated-name-server-00" as a first step. https://datatracker.ietf.org/doc/draft-fujiwara-dnsop-unrelated-name-server/ I prposed that the domain names that host the name server names MUST be resolvable by delegations using one or more in-domain name server names. I'm not able to write well, I'm looking for good text. Let's improve the current DNS before DELEG RR. -- Kazunori Fujiwara, JPRS <fujiw...@jprs.co.jp> _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
