On Thu, Jun 01, 2006 at 03:59:48PM +0200, Carsten Schiefner wrote: Carsten, I've corrected it :) Please find it below.
<NITPICKING>
[...]
Examples:
The following values would be allowed:
domain: example.com
nserver: ns1.example.com 192.0.2.1
nserver: ns1.d1.example.com 2001:db8:0:0:0:0:0:0
nserver: ns1.d1.example.com 2001:DB8:0:0:0:0:0:0
nserver: ns2.d1.example.com 2001:DB8::
nserver: ns2.d1.example.com 2001:db8::
All other variants of the values will be rejected.
[...] </NITPICKING>
Thanks & best,
-C.
Motivation: We plan to automate management of DNS delegation in the e164.arpa zone (ENUM). The provisioning system, with the RIPE Database as a front end, must support IPv6 glue records. It must also implement complete and consistent IPv4 glue record support. This will mean making changes to the RIPE Database syntax so that it specifies the glue record and the updated delegation checks. This proposal covers that syntax. Proposal: We suggest changing the syntax of the "nserver:" attribute in DOMAIN objects as follows: nserver: [domain_name] /or/ nserver: [domain_name] [ipv4_address] /or/ nserver: [domain_name] [ipv6_address] where [domain_name] is the fully qualified DNS name of the name server with or without a trailing "." [ipv4_address] is an IPv4 address of the name server, in decimal dotted quad form [ipv6_address] is an IPv6 address of the name server, in lowercase canonical form (Section 2.2.1, RFC 4291) The IPv6 notation can be case insensitive, the textual compressed form (Section 2.2.2, RFC 4291) is also accepted (see examples). [ipv6_address] will always be converted into lowercase canonical form. If [domain_name] is followed by an IP address, it must be inside the domain that is being delegated. Any level of a glue name is supported within the valid domain name syntax. Multiple name server lines will need to be used to specify multiple IP addresses for the same hostname. Examples: The following values would be allowed: domain: example.com nserver: ns1.example.com 192.0.2.1 nserver: ns1.d1.example.com 2001:db8:0:0:0:0:0:0 nserver: ns1.d1.example.com 2001:DB8:0:0:0:0:0:0 nserver: ns2.d1.example.com 2001:DB8:: nserver: ns2.d1.example.com 2001:db8:: All other variants of the values will be rejected. End-of-line comments starting with '#' will be still allowed. All IPv6 glue addresses in "nserver:" attribute will be represented in domain objects in the RIPE Whois Database in the lowercase uncompressed form, i.e. 2001:db8:0:0:0:0:0:0. Consequences for existing objects: We will not automatically modify any existing objects. Instead we suggest notifying the maintainers of objects that do not comply with the proposed syntax. This will cover around 150 objects. Consequences for the delegation checks: The introduction of the new syntax will add the following new DNS checks for glue records: * every glue record has at least one IPv4 or IPv6 address specified in domain object (error otherwise) * glue record name is inside the domain to be delegated (error otherwise) * glue nameserver should be authoritative for his own A/AAAA record (error otherwise) -- Katie Petrusha RIPE NCC