|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: fixing insecure email infrastructure (was: Re: [eweek article]
> That's bad sincd DNAME is deprecated and has been removed from BIND. > > Owen Really? Thats news to me. RFC 2672, Non-Terminal DNS Name Redirection, is still a proposed standard <http://www.ietf.org/iesg/1rfc_index.txt>. If you are thinking about RFC 3363, Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name System (DNS). It does NOT deprecate DNAME. There is no UPDATES RFC 2672 at the top. I was well aware that it didn't deprecate DNAME when it passed through the WG. I would have complained long and loudly if it did. Mind you, in hind site, I should have a strongly argued that section 4 of RFC 3363 just be deleted. All it has done is generate confusion about the status of DNAME and to top that the opening sentence contains assertions which don't hold water once you think about them a little bit. DNAME is just as useful with nibbles in the reverse tree as it was with bitlabels. Take RFC 2874, DNS Extensions to Support IPv6 Address Aggregation and Renumbering, and redo the examples with nibbles. Everything just works. To renumber the reverse you need to get the appropriate DNAME records updated. You don't need to re-establish several levels of delegation under IP6.INT. Yes I expect the RIRs to add DNAMES not NS records at some point in the future for IP6.INT. For the forward part all the end systems just register their new addresses in the DNS using UPDATE. Mark. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected]
|