On Mon, May 15, 2006 at 09:02:50AM +0200, Katie Petrusha wrote: Dear colleagues, [Apologies for duplicate mails] As I've got no further feedback, I am sending below the corrected version of the proposal with all the comments taken into account. Please comment on if something is not clear or wrong. ------------- Motivation: We plan to automate management of DNS delegation in the e164.arpa zone (ENUM). The provisioning system, with the RIPE Database as a front end, must support IPv6 glue records. It must also implement complete and consistent IPv4 glue record support. This will mean making changes to the RIPE Database syntax so that it specifies the glue record and the updated delegation checks. This proposal covers that syntax. Proposal: We suggest changing the syntax of the "nserver:" attribute in DOMAIN objects as follows: nserver: [domain_name] /or/ nserver: [domain_name] [ipv4_address] /or/ nserver: [domain_name] [ipv6_address] where [domain_name] is the fully qualified DNS name of the name server with or without a trailing "." [ipv4_address] is an IPv4 address of the name server [ipv6_address] is an IPv6 address of the name server If [domain_name] is followed by an IP address, it must be inside the domain that is being delegated. Any level of a glue name is supported within the valid domain name syntax. Multiple name server lines will need to be used to specify multiple IP addresses for the same hostname. Examples: The following values would be allowed: domain: example.com nserver: ns1.example.com 168.0.0.1 nserver: ns1.d1.example.com 0::0 All other variants of the values will be rejected. End-of-line comments starting with '#' will be still allowed. Consequences for existing objects: We will not automatically modify any existing objects. Instead we suggest notifying the maintainers of objects that do not comply with the proposed syntax. This will cover around 150 objects. Consequences for the delegation checks: The introduction of the new syntax will add the following new DNS checks for glue records: * every glue record has at least one IPv4 or IPv6 address specified in domain object * glue record name is inside the domain to be delegated -- Katie Petrusha RIPE NCC