North American Network Operators Group


Re: Domain names for ISP infrastructure links

  • From: Matthew Petach
  • Date: Wed Jan 08 04:08:06 1997

> 
> That may sound silly, but there's a merit in the
> idea that domain names can successfully replace the
> SNMP's object IDs.  SNMP and DNS then become the same
> protocol.
> 
> In fact, all protocols requiring exchange of some request
> and getting some reply from a uniquely named object can
> be made a particular case of a generic protocol.   There's
> no reason for Internet to be a hodge-podge of specialized
> kludges.   In most cases, it only takes an ability for DNS
> to "hand off" the continuation of name resolution to
> application programs.

This isn't that far-fetched, actually; look at all the
fun you can have with the Hesiod class, or look at how
contact info is stored in DNS within the reverse address
blocks for the MAEs.  

Even such wonderful things as password files can 
be distributed that way, or POP mailbox 
locations; for example, my SO works at an
institution that distributes mail for 40,000+ users
among 12 mail hubs by querying TXT records out of DNS.
It's fast, it caches well, it scales beautifully, and
best of all, it didn't require a whole new protocol!

In fact, the password file entries for all 40,000 users 
are also retrievable via simple DNS queries, so that
building up customized /etc/passwd files on remote 
machines is a simple task.  And no, they're not silly
enough to put the encrypted password in the DNS entry;
since they use Kerberos, that field is left with an
invalid string (they could even have put fake encrypted
entries, just to torment would-be hackers), and the
actual authentication is done via encrypted Kerberos calls.

The mailbox lookups, alias expansions, and forwarding
info are done via hesinfo lookups that are standard 
Sendmail 8.8.x, no local hacks needed.  The only step
that would make things even cooler would be having
the getpw* calls modified in the system libraries to
do the DNS queries directly to get user IDs, home
directories, and the like, rather than having to
dump them periodically to the flat /etc/passwd
files.

Sorry, didn't mean to rant so much; it's just that
when you get right down to it, the DNS hierarchical
naming system can be used to store so many other
forms of information beyond just the plain and
boring hostnames that most of us use it for right
now.   It's a shame it's so underutilized.

Time to hop off my soapbox now...

Matt Petach

> See -- I don't think everything Plan 9-ish is pure crap.
> 
> --vadim
> 
> From: John Curran <[email protected]>
> 
> No...  we're going to mandate OID-style router names
> for the world's Internet providers:  
> 
>   <isoc-tree>.<internet-infrastructure branch>.
>   <iso country code>.<city ordinal>.<provider #>.
>   <facility #>.<rack #>.<shelf #>.<router ordinal>
> 
> Great fun to watch (it could be happening this way
> in the alternate universe next door.)
> 
> ;-)
> /John  
> 

- - - - - - - - - - - - - - - - -
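
The Hesiod passwd lookup described in the message above, sketched as an added example that is not part of the original post or of any Hesiod implementation: it builds the HS-class TXT query, decodes the TXT answer, and writes an /etc/passwd line with the password field forced to an invalid string. The `.ns` / `.example.edu` suffixes, the sample record, and the rule of rejecting UID 0 from DNS are assumptions made for the example.

```python
import re
import struct

QTYPE_TXT, QCLASS_HS = 16, 4   # RFC 1035: TXT record type, Hesiod class
NUM = re.compile(r"[0-9]+")
# Shape of a classic 13-char DES crypt string or a "$id$..." modular hash.
CRYPT_LIKE = re.compile(r"^(\$.+|[./0-9A-Za-z]{13})$")

def hesiod_name(key, map_name, lhs=".ns", rhs=".example.edu"):
    """hesinfo-style name <key>.<map><lhs><rhs>; lhs/rhs are placeholder values."""
    return f"{key}.{map_name}{lhs}{rhs}"

def build_query(name, qid=0x1234):
    """Wire-format DNS query: one question, QTYPE=TXT, QCLASS=HS, RD set."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", QTYPE_TXT, QCLASS_HS)

def txt_rdata_to_str(rdata):
    """TXT RDATA is a sequence of length-prefixed character-strings."""
    parts, i = [], 0
    while i < len(rdata):
        n = rdata[i]
        if i + 1 + n > len(rdata):
            raise ValueError("truncated TXT character-string")
        parts.append(rdata[i + 1:i + 1 + n])
        i += 1 + n
    return b"".join(parts).decode("ascii")

def leaks_hash(txt):
    """True if the published record carries something shaped like a crypt hash."""
    fields = txt.split(":")
    return len(fields) == 7 and bool(CRYPT_LIKE.match(fields[1]))

def to_passwd_line(txt):
    """Validate a passwd-map record and emit it with an unusable password field."""
    fields = txt.split(":")
    if len(fields) != 7 or not fields[0]:
        raise ValueError("expected 7 colon-separated passwd fields")
    if not (NUM.fullmatch(fields[2]) and NUM.fullmatch(fields[3])):
        raise ValueError("uid/gid must be numeric")
    if int(fields[2]) == 0:   # assumed local policy: never take root from DNS
        raise ValueError("refusing UID 0 from a network source")
    fields[1] = "*"           # authentication happens elsewhere (Kerberos)
    return ":".join(fields)

if __name__ == "__main__":
    rec = b"jdoe:*:5001:101:Jane Doe:/home/jdoe:/bin/csh"   # constructed record
    print(build_query(hesiod_name("jdoe", "passwd")).hex())
    print(to_passwd_line(txt_rdata_to_str(bytes([len(rec)]) + rec)))
```
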