Hi, {I keep copying the db-wg on this DNS issue not to split the thread. db chairs, pls advise privately} On Tue, May 16, 2006 at 12:13:53PM +0200, Katie Petrusha wrote:
... this test might fail in otherwise correct configurations. Unless explicitly excluded, a glue RR may belong to a zone _below_ the delegated one, so the servers of the delegated zone cannot be expected to authoritatively know the A/AAAA RR(s).
Good point. Instead, this check could be implemented to just give a warning if IPs are not listed or differ. So that user can make sure this is intentional. Would that make sense?
Well, in this particular constellation I'd assume the names "glued" are not generic anyway, so after some going back and forth my suggestion is to simply require that the name be authoritatively served from that server. E.g. dns1.9.9.e164.arpa and dns2.0.9.9.e164.arpa should be able to answer queries for A/AAAA RRs for their respective names authoritatively.
I'd not believe this is common in e164.arpa, but than I'd also have thought there's no need for glue in that domain in the first place ...
There were already comments about this; I only have to mention that initial request to support ipv6 glue came from e164.arpa users.
Sure, my remark was not meant to challenge these demands, just that things you never believe to happen in practice eventually will happen :-)
How many glue RRs per name server entry would you estimate would be needed? Obviously we will take estimation into account when implementing this. Also, from the operational point of view, would this limit be useful, or could it break something? Any feedback on this is also appreciated.
Me personally does not "believe" in multi-homed name servers, but I'd really like to read other's opinions. -Peter