| < draft-jabley-dnsop-as112-dname-00.txt | draft-jabley-dnsop-as112-dname-01.txt > | |||
|---|---|---|---|---|
| Network Working Group J. Abley | Network Working Group J. Abley | |||
| Internet-Draft ICANN | Internet-Draft ICANN | |||
| Updates: 6304 (if approved) B. Dickson | Updates: 6304 (if approved) B. Dickson | |||
| Intended status: Experimental June 28, 2013 | Intended status: Informational | |||
| Expires: December 30, 2013 | Expires: April 15, 2014 W. Kumari | |||
| G. Michaelson | ||||
| APNIC | ||||
| October 12, 2013 | ||||
| AS112 Redirection using DNAME | AS112 Redirection using DNAME | |||
| draft-jabley-dnsop-as112-dname-00 | draft-jabley-dnsop-as112-dname-01 | |||
| Abstract | Abstract | |||
| Many sites connected to the Internet make use of IPv4 addresses that | Many sites connected to the Internet make use of IPv4 addresses that | |||
| are not globally unique. Examples are the addresses designated in | are not globally unique. Examples are the addresses designated in | |||
| RFC 1918 for private use within individual sites. | RFC 1918 for private use within individual sites. | |||
| Devices in such environments may occasionally originate Domain Name | Devices in such environments may occasionally originate Domain Name | |||
| System (DNS) queries (so-called "reverse lookups") corresponding to | System (DNS) queries (so-called "reverse lookups") corresponding to | |||
| those private-use addresses. Since the addresses concerned have only | those private-use addresses. Since the addresses concerned have only | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 15 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 30, 2013. | This Internet-Draft will expire on April 15, 2014. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2013 IETF Trust and the persons identified as the | Copyright (c) 2013 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 25 ¶ | skipping to change at page 3, line 25 ¶ | |||
| 7. IAB Considerations . . . . . . . . . . . . . . . . . . . . . . 11 | 7. IAB Considerations . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 | 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 | |||
| 8.1. Address Assignment . . . . . . . . . . . . . . . . . . . . 12 | 8.1. Address Assignment . . . . . . . . . . . . . . . . . . . . 12 | |||
| 8.2. Hosting of AS112.ARPA . . . . . . . . . . . . . . . . . . 12 | 8.2. Hosting of AS112.ARPA . . . . . . . . . . . . . . . . . . 12 | |||
| 8.3. Delegation of AS112.ARPA . . . . . . . . . . . . . . . . . 13 | 8.3. Delegation of AS112.ARPA . . . . . . . . . . . . . . . . . 13 | |||
| 9. Security Considerations . . . . . . . . . . . . . . . . . . . 14 | 9. Security Considerations . . . . . . . . . . . . . . . . . . . 14 | |||
| 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 | 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 11.1. Normative References . . . . . . . . . . . . . . . . . . . 16 | 11.1. Normative References . . . . . . . . . . . . . . . . . . . 16 | |||
| 11.2. Informative References . . . . . . . . . . . . . . . . . . 16 | 11.2. Informative References . . . . . . . . . . . . . . . . . . 16 | |||
| Appendix A. Updates to RFC6304 . . . . . . . . . . . . . . . . . 17 | Appendix A. Assessing Support for DNAME in the Real World . . . . 17 | |||
| A.1. Changes to Section 2.1, Zones . . . . . . . . . . . . . . 17 | A.1. Methodology . . . . . . . . . . . . . . . . . . . . . . . 17 | |||
| A.2. Changes to Section 2.2, Nameservers . . . . . . . . . . . 17 | A.2. Results . . . . . . . . . . . . . . . . . . . . . . . . . 19 | |||
| A.3. Changes to Section 3.4, Routing Software . . . . . . . . . 17 | Appendix B. Updates to RFC6304 . . . . . . . . . . . . . . . . . 20 | |||
| A.4. Changes to Section 3.5, DNS Software . . . . . . . . . . . 17 | B.1. Changes to Section 2.1, Zones . . . . . . . . . . . . . . 20 | |||
| A.5. Changes to Section 3.6, Testing a Newly Installed Node . . 17 | B.2. Changes to Section 2.2, Nameservers . . . . . . . . . . . 20 | |||
| A.6. Changes to Section 6, On the Future of AS112 Nodes . . . . 17 | B.3. Changes to Section 3.4, Routing Software . . . . . . . . . 20 | |||
| A.7. Changes to Section 8, Security Considerations . . . . . . 18 | B.4. Changes to Section 3.5, DNS Software . . . . . . . . . . . 20 | |||
| A.8. Changes to Appendix A, History . . . . . . . . . . . . . . 18 | B.5. Changes to Section 3.6, Testing a Newly Installed Node . . 20 | |||
| Appendix B. Editorial Notes . . . . . . . . . . . . . . . . . . . 19 | B.6. Changes to Section 6, On the Future of AS112 Nodes . . . . 20 | |||
| B.1. Change History . . . . . . . . . . . . . . . . . . . . . . 19 | B.7. Changes to Section 8, Security Considerations . . . . . . 21 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 20 | B.8. Changes to Appendix A, History . . . . . . . . . . . . . . 21 | |||
| Appendix C. Editorial Notes . . . . . . . . . . . . . . . . . . . 22 | ||||
| C.1. Change History . . . . . . . . . . . . . . . . . . . . . . 22 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 23 | ||||
| 1. Introduction | 1. Introduction | |||
| The AS112 project is described in detail in [RFC6304]. | The AS112 project is described in detail in [RFC6304]. | |||
| The AS112 nameservers (PRISONER.IANA.ORG, BLACKHOLE-1.IANA.ORG and | The AS112 nameservers (PRISONER.IANA.ORG, BLACKHOLE-1.IANA.ORG and | |||
| BLACKHOLE-2.IANA.ORG) are required to answer authoritatively for each | BLACKHOLE-2.IANA.ORG) are required to answer authoritatively for each | |||
| and every zone that is delegated to them. | and every zone that is delegated to them. | |||
| If a zone is delegated to AS112 nameservers without those nameservers | If a zone is delegated to AS112 nameservers without those nameservers | |||
| skipping to change at page 6, line 27 ¶ | skipping to change at page 6, line 27 ¶ | |||
| It is only necessary for a single AS112 server operator to implement | It is only necessary for a single AS112 server operator to implement | |||
| these extensions for this mechanism to function as intended. It is | these extensions for this mechanism to function as intended. It is | |||
| beneficial if many more than one AS112 server operators make these | beneficial if many more than one AS112 server operators make these | |||
| changes, however, since that provides for greater distribution and | changes, however, since that provides for greater distribution and | |||
| capacity for the nameservers serving the EMPTY.AS112.ARPA zone. It | capacity for the nameservers serving the EMPTY.AS112.ARPA zone. It | |||
| is not necessary for all AS112 server operators to make these changes | is not necessary for all AS112 server operators to make these changes | |||
| for the mechanism to be viable. | for the mechanism to be viable. | |||
| Detailed instructions for the implementation of these extensions is | Detailed instructions for the implementation of these extensions is | |||
| included in Appendix A. | included in Appendix B. | |||
| 3.2. Redirection of Query Traffic to AS112 Servers | 3.2. Redirection of Query Traffic to AS112 Servers | |||
| Once the EMPTY.AS112.ARPA zone has been deployed using the | Once the EMPTY.AS112.ARPA zone has been deployed using the | |||
| nameservers described in Section 3.1, redirections may be installed | nameservers described in Section 3.1, redirections may be installed | |||
| in the DNS namespace for queries that are intended to be answered by | in the DNS namespace for queries that are intended to be answered by | |||
| the AS112 infrastructure. | the AS112 infrastructure. | |||
| For example, reverse queries corresponding to TEST-NET-1 | For example, reverse queries corresponding to TEST-NET-1 | |||
| (192.0.2.0/24) [RFC5737] could be redirected to AS112 nameservers by | (192.0.2.0/24) [RFC5737] could be redirected to AS112 nameservers by | |||
| installing a DNAME resource record in the 192.IN-ADDR.ARPA zone, as | installing a DNAME resource record in the 192.IN-ADDR.ARPA zone, as | |||
| illustrated in Figure 1. | illustrated in Figure 1. | |||
| @ORIGIN 192.IN-ADDR.ARPA. | $ORIGIN 192.IN-ADDR.ARPA. | |||
| ... | ... | |||
| 2.0.IN-ADDR.ARPA. IN DNAME EMPTY.AS112.ARPA. | 2.0.IN-ADDR.ARPA. IN DNAME EMPTY.AS112.ARPA. | |||
| ... | ... | |||
| Figure 1 | Figure 1 | |||
| There is no practical limit to the number of redirections that can be | There is no practical limit to the number of redirections that can be | |||
| configured in this fashion. Redirection of a particular part of the | configured in this fashion. Redirection of a particular part of the | |||
| namespace to EMPTY.AS112.ARPA can be removed at any time, under the | namespace to EMPTY.AS112.ARPA can be removed at any time, under the | |||
| control of the administrators of the corresponding part of the DNS | control of the administrators of the corresponding part of the DNS | |||
| skipping to change at page 9, line 8 ¶ | skipping to change at page 9, line 8 ¶ | |||
| that the existing, unmodified AS112 servers host 10.IN-ADDR.ARPA, the | that the existing, unmodified AS112 servers host 10.IN-ADDR.ARPA, the | |||
| decision might be made to replace the delegation of those [RFC1918] | decision might be made to replace the delegation of those [RFC1918] | |||
| zones with DNAME redirection. Once implemented, the | zones with DNAME redirection. Once implemented, the | |||
| PRISONER.IANA.ORG, BLACKHOLE-1.IANA.ORG and BLACKHOLE-2.IANA.ORG | PRISONER.IANA.ORG, BLACKHOLE-1.IANA.ORG and BLACKHOLE-2.IANA.ORG | |||
| nameservers could be retired. This document gives no such direction | nameservers could be retired. This document gives no such direction | |||
| to the IANA, however. | to the IANA, however. | |||
| 5. Candidate Zones for AS112 Redirection | 5. Candidate Zones for AS112 Redirection | |||
| All zones listed in [RFC6303] are candidates for AS112 redirection. | All zones listed in [RFC6303] are candidates for AS112 redirection. | |||
| No doubt there are many others that are worth mentioning. Future | ||||
| revisions of this draft should mention them. | ||||
| This document is concerned with provision of the AS112 redirection | Since no pre-provisioning is required on the part of AS112 operators | |||
| service, and does not specify that any particular AS112 redirection | to facilitate sinking of any name in the DNS namespace by AS112 | |||
| be put in place. | infrastructure, this mechanism supports AS112 redirection by any zone | |||
| owner in the DNS. | ||||
| This document is simply concerned with provision of the AS112 | ||||
| redirection service, and does not specify that any particular AS112 | ||||
| redirection be put in place. | ||||
| 6. DNAME Deployment Considerations | 6. DNAME Deployment Considerations | |||
| DNAME was specified a significant time following the original | DNAME was specified a significant time following the original | |||
| implementations of [RFC1035], and hence universal deployment cannot | implementations of [RFC1035], and hence universal deployment cannot | |||
| be expected. [RFC6672] specifies a fall-back mechanism which makes | be expected. [RFC6672] specifies a fall-back mechanism which makes | |||
| use of synthesised CNAME RRSets for this reason. | use of synthesised CNAME RRSets for this reason. The expectation | |||
| that design choices in the DNAME specification ought to mitigate any | ||||
| lack of deployment is reviewed below. Experimental validation of | ||||
| those expectations is included in Appendix A. | ||||
| It is a fundamental design requirement of AS112 service that | It is a fundamental design requirement of AS112 service that | |||
| responses be cached. We can safely declare DNAME support on the | responses be cached. We can safely declare DNAME support on the | |||
| authoritative server to be a prerequisite for DNAME redirection, but | authoritative server to be a prerequisite for DNAME redirection, but | |||
| the cases where individual elements in resolver chains do not support | the cases where individual elements in resolver chains do not support | |||
| DNAME processing deserve closer examination. | DNAME processing deserve closer examination. | |||
| The expected behaviour when a DNAME response is supplied to a | The expected behaviour when a DNAME response is supplied to a | |||
| resolver that does not support DNAME is that the accompanying, | resolver that does not support DNAME is that the accompanying, | |||
| synthesised CNAME will be accepted and cached. Re-query frequency | synthesised CNAME will be accepted and cached. Re-query frequency | |||
| will be determined by the TTLs returned by the DNAME-responding | will be determined by the TTLs returned by the DNAME-responding | |||
| authoritative servers. | authoritative servers. | |||
| Resolution of the CNAME target is straightforward and functions | Resolution of the CNAME target is straightforward and functions | |||
| exactly as the AS112 project has operated since it was deployed. The | exactly as the AS112 project has operated since it was deployed. The | |||
| negative caching [RFC2308] of the CNAME target follows the parameters | negative caching [RFC2308] of the CNAME target follows the parameters | |||
| defined in the target zone, EMPTY.AS112.ARPA. This has the side- | defined in the target zone, EMPTY.AS112.ARPA. This has the side- | |||
| effects that all redirected names ultimately landing on an AS112 node | effects that all redirected names ultimately landing on an AS112 node | |||
| will be negatively-cached with the same parameters, but this lack of | will be negatively-cached with the same parameters, but this lack of | |||
| flexibility seems non-contraversial; the effect of reducing the | flexibility seems non-controversial; the effect of reducing the | |||
| negative cache TTL would be increased query volume on the AS112 node | negative cache TTL would be increased query volume on the AS112 node | |||
| operator concerned, and hence controls seem well-alligned with | operator concerned, and hence controls seem well-aligned with | |||
| operation. | operation. | |||
| Validating resolvers (i.e. those requesting and processing DNSSEC | Validating resolvers (i.e. those requesting and processing DNSSEC | |||
| [RFC4033] metadata) are required to implement DNAME, and hence should | [RFC4033] metadata) are required to implement DNAME, and hence should | |||
| not make use of synthesised CNAME RRs. The lack of signature over a | not make use of synthesised CNAME RRs. The lack of signature over a | |||
| received CNAME RR should hence not limit the ability to sign the | received CNAME RR should hence not limit the ability to sign the | |||
| redirection point, and for those signatures to be validated. | redirection point, and for those signatures to be validated. | |||
| In the case where a recursive server implements DNAME, but DNAME is | In the case where a recursive server implements DNAME, but DNAME is | |||
| not implemented in a stub resolver, CNAME synthesis will again | not implemented in a stub resolver, CNAME synthesis will again | |||
| skipping to change at page 17, line 5 ¶ | skipping to change at page 17, line 5 ¶ | |||
| [RFC4786] Abley, J. and K. Lindqvist, "Operation of Anycast | [RFC4786] Abley, J. and K. Lindqvist, "Operation of Anycast | |||
| Services", BCP 126, RFC 4786, December 2006. | Services", BCP 126, RFC 4786, December 2006. | |||
| [RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks | [RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks | |||
| Reserved for Documentation", RFC 5737, January 2010. | Reserved for Documentation", RFC 5737, January 2010. | |||
| [RFC6303] Andrews, M., "Locally Served DNS Zones", BCP 163, | [RFC6303] Andrews, M., "Locally Served DNS Zones", BCP 163, | |||
| RFC 6303, July 2011. | RFC 6303, July 2011. | |||
| Appendix A. Updates to RFC6304 | Appendix A. Assessing Support for DNAME in the Real World | |||
| To measure the extent to which the DNAME construct is supported in | ||||
| the Internet, we have used an experimental technique to test the DNS | ||||
| resolvers used by end hosts, and derive from the test a measurement | ||||
| of DNAME support within the Internet. | ||||
| A.1. Methodology | ||||
| The test was conducted by loading a user's browser with 4 URLs to | ||||
| retrieve. The first three comprise the test setup, while the final | ||||
| URL communicates the result the the experiment controller. The URLs | ||||
| are: | ||||
| A http://a.<unique_string>.dname.example.com/1x1.png? | ||||
| a.<unique_string>.dname | ||||
| B http://b.dname.example.com/1x1.png? | ||||
| b.<unique_string>.dname | ||||
| C http://c.<unique_string>.target.example.net/1x1.png? | ||||
| c.<unique_string>.target | ||||
| D http://results.recorder.example.net/1x1.png? | ||||
| results.<unique_string>?za=<a_result>&zb=<b_result>&zc=<c_result> | ||||
| The A URL is designed to test the end users capability to resolve a | ||||
| name that has never been seen before, so that the resolution of this | ||||
| domain name will reliably result in a query at the authoritative name | ||||
| server. This is intended to test the use of domain names where there | ||||
| is a dynamic component that also uses the DNAME construct. | ||||
| The B URL is deliberately designed to be cached by caching resolvers | ||||
| that are used in the process of resolving the domain name. | ||||
| The C URL is a control URL. This is a unique URL, similar to A, but | ||||
| does not refer to a DNAME structure. | ||||
| The D URL uses a static cacheable domain name. | ||||
| The <unique_string> value is common to the four URLs used in each | ||||
| individual instance of this test, but varies from test to test. The | ||||
| result is that each end user is presented with a unique string. | ||||
| The contents of the EXAMPLE.COM, TARGET.EXAMPLE.NET and | ||||
| RECORDER.EXAMPLE.NET zones are shown in Figure 3. | ||||
| $ORIGIN EXAMPLE.COM. | ||||
| ... | ||||
| DNAME. IN DNAME TARGET.EXAMPLE.NET. | ||||
| ... | ||||
| $ORIGIN TARGET.EXAMPLE.NET. | ||||
| ... | ||||
| B IN A 192.0.2.0 | ||||
| * IN A 192.0.2.0 | ||||
| ... | ||||
| $ORIGIN RECORDER.EXAMPLE.NET. | ||||
| ... | ||||
| RESULTS IN A 192.0.2.0 | ||||
| ... | ||||
| Figure 3 | ||||
| The first three URLs (A, B and C) are loaded as tasks into the user's | ||||
| browser upon execution of the test's script. The script starts a | ||||
| timer with each of these URLs to measure the elapsed time to fetch | ||||
| the URL. The script then waits for the three fetches to complete, or | ||||
| 10 seconds, whichever occurs first. The script then loads the | ||||
| results of the three timers into the GET arguments of the D URL, and | ||||
| performs a fetch to pass these results back to the experiment's | ||||
| server. | ||||
| Logs on the web server reached at RESULTS.EXAMPLE.NET will include | ||||
| entries of the form shown in Figure 4. If any of the URLs fail to | ||||
| load within 10 secords the D URL will report the failure as a "null" | ||||
| timer value. | ||||
| GET /1x1.png?results.<unique_string>?za=1822&zb=1674&zc=1582 | ||||
| GET /1x1.png?results.<unique_string>?za=null&zb=null&zc=161 | ||||
| Figure 4 | ||||
| The script has been encoded in Adobe Flash with a simple image in the | ||||
| form of an online advertisement. An online advertisement network has | ||||
| been used to distribute the script. The script is invoked when the | ||||
| advertisement is presented in the end user's browser or application, | ||||
| and does not require the user to click on the supplied image in any | ||||
| way. The advertisement placement parameters were set to to broadest | ||||
| possible scope to sample users from across the entire internet. | ||||
| A.2. Results | ||||
| The test was loaded into an advertisement distributed on the | ||||
| 2013-10-10 and 2013-10-11. | ||||
| +--------------------+---------+------------+ | ||||
| | | Count | Percentage | | ||||
| +--------------------+---------+------------+ | ||||
| | Recorded Results: | 338,478 | | | ||||
| | | | | | ||||
| | A or B Loaded: | 331,896 | 98.1% | | ||||
| | | | | | ||||
| | A Fail and B Fail: | 6,492 | 1.9% | | ||||
| | | | | | ||||
| | A Fail and B Load: | 4,249 | 1.3% | | ||||
| | | | | | ||||
| | A Load and B Fail: | 1,624 | 0.5% | | ||||
| | | | | | ||||
| | C Fail: | 9,355 | 2.8% | | ||||
| +--------------------+---------+------------+ | ||||
| Table 1 | ||||
| These results indicate that at most 1.9% of tested clients use DNS | ||||
| resolvers that fail to resolve a domain name that contains a DNAME | ||||
| redirection. However the failure rate of slightly lower than 3% for | ||||
| the control URL indicates that the failure rate for the DNAME | ||||
| construct lies within the bounds of error within the experimental | ||||
| framework. We conclude that there is no evidence of a consistent | ||||
| failure on the part of deployed DNS resolvers to correctly resolve a | ||||
| DNAME construct. | ||||
| This experiment was conducted by Geoff Huston and George Michaelson. | ||||
| Appendix B. Updates to RFC6304 | ||||
| The following changes are required to [RFC6304] to provide support | The following changes are required to [RFC6304] to provide support | |||
| for AS112 redirection. It is proposed that a successor document to | for AS112 redirection. It is proposed that a successor document to | |||
| [RFC6304] be prepared for joint publication with this document in the | [RFC6304] be prepared for joint publication with this document in the | |||
| interests of providing clear advice to prospective new AS112 | interests of providing clear advice to prospective new AS112 | |||
| operators. The following sub-sections are hence provided mainly only | operators. The following sub-sections are hence provided mainly only | |||
| to describe the scope of the changes required for 6304bis, and are | to describe the scope of the changes required for 6304bis, and are | |||
| not intended for publication in this document. References to this | not intended for publication in this document. References to this | |||
| section in this document should ultimately be replaced with | section in this document should ultimately be replaced with | |||
| references to 6304bis. | references to 6304bis. | |||
| A.1. Changes to Section 2.1, Zones | B.1. Changes to Section 2.1, Zones | |||
| The list of zones that the AS112 nameserver should answer | The list of zones that the AS112 nameserver should answer | |||
| authoritatively for is extended to include EMPTY.AS112.ARPA. | authoritatively for is extended to include EMPTY.AS112.ARPA. | |||
| A.2. Changes to Section 2.2, Nameservers | B.2. Changes to Section 2.2, Nameservers | |||
| The nameserver BLACKHOLE.AS112.ARPA (IPv4 address TBAv4-1, IPv6 | The nameserver BLACKHOLE.AS112.ARPA (IPv4 address TBAv4-1, IPv6 | |||
| address TBAv6-1) is added to the list of nameserver addresses that | address TBAv6-1) is added to the list of nameserver addresses that | |||
| the AS112 node should support. The IPv4 prefix TBAv4/24 and the IPv6 | the AS112 node should support. The IPv4 prefix TBAv4/24 and the IPv6 | |||
| prefix TBAv6/48 are added as new prefixes to be originated. | prefix TBAv6/48 are added as new prefixes to be originated. | |||
| A.3. Changes to Section 3.4, Routing Software | B.3. Changes to Section 3.4, Routing Software | |||
| The sample configuration provided in this section is extended to | The sample configuration provided in this section is extended to | |||
| accommodate the IPv4 and IPv6 service prefixes associated with AS112 | accommodate the IPv4 and IPv6 service prefixes associated with AS112 | |||
| redirection, TBAv4/24 and TBAv6/48, respectively. | redirection, TBAv4/24 and TBAv6/48, respectively. | |||
| A.4. Changes to Section 3.5, DNS Software | B.4. Changes to Section 3.5, DNS Software | |||
| The sample configuration provided in this section is extended to | The sample configuration provided in this section is extended to | |||
| accommodate the TBAv4-1 and TBAv6-1 addresses and the | accommodate the TBAv4-1 and TBAv6-1 addresses and the | |||
| EMPTY.AS112.ARPA zone. The contents of the EMPTY.AS112.ARPA zone | EMPTY.AS112.ARPA zone. The contents of the EMPTY.AS112.ARPA zone | |||
| should be specified (nameservers differ from that included as | should be specified (nameservers differ from that included as | |||
| "db.empty"). | "db.empty"). | |||
| A.5. Changes to Section 3.6, Testing a Newly Installed Node | B.5. Changes to Section 3.6, Testing a Newly Installed Node | |||
| Testing should be extended to test for correct hosting of the | Testing should be extended to test for correct hosting of the | |||
| EMPTY.AS112.ARPA zone. | EMPTY.AS112.ARPA zone. | |||
| A.6. Changes to Section 6, On the Future of AS112 Nodes | B.6. Changes to Section 6, On the Future of AS112 Nodes | |||
| A reference to this document should be included. | A reference to this document should be included. | |||
| A.7. Changes to Section 8, Security Considerations | B.7. Changes to Section 8, Security Considerations | |||
| Mention should be made that AS112 redirection, as specified in this | Mention should be made that AS112 redirection, as specified in this | |||
| document, supports DNSSEC in the sense that the DNAME records which | document, supports DNSSEC in the sense that the DNAME records which | |||
| signal the redirection can be signed. | signal the redirection can be signed. | |||
| A.8. Changes to Appendix A, History | B.8. Changes to Appendix A, History | |||
| A reference to this document should be included. | A reference to this document should be included. | |||
| Appendix B. Editorial Notes | Appendix C. Editorial Notes | |||
| This section (and sub-sections) to be removed prior to publication. | This section (and sub-sections) to be removed prior to publication. | |||
| B.1. Change History | C.1. Change History | |||
| 00 Initial write-up of Brian's idea, circulated for the purposes of | 00 Initial write-up of Brian's idea, circulated for the purposes of | |||
| entertainment. | entertainment. | |||
| 01 Some particularly egregious spelling mistakes fixed. | ||||
| 02 Warren Kumari and George Michaelson added as co-authors. Intended | ||||
| status changed to informational. Appendix on DNAME testing added, | ||||
| describing an experiment conducted by Geoff Huston and George | ||||
| Michaelson. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Joe Abley | Joe Abley | |||
| ICANN | ICANN | |||
| 12025 Waterfront Drive, Suite 300 | 12025 Waterfront Drive, Suite 300 | |||
| Los Angeles, CA 90094-2536 | Los Angeles, CA 90094-2536 | |||
| USA | USA | |||
| Phone: +1 519 670 9327 | Phone: +1 519 670 9327 | |||
| Email: joe.abley@icann.org | Email: joe.abley@icann.org | |||
| Brian Dickson | Brian Dickson | |||
| 703 Palmer Drive | 703 Palmer Drive | |||
| Herndon, VA 20170 | Herndon, VA 20170 | |||
| Email: brian.peter.dickson@gmail.com | Email: brian.peter.dickson@gmail.com | |||
| Warren Kumari | ||||
| 1600 Amphitheatre Parkway | ||||
| Mountain View, CA 94043 | ||||
| Email: warren@kumari.net | ||||
| George Michaelson | ||||
| APNIC | ||||
| Email: ggm@apnic.net | ||||
| End of changes. 24 change blocks. | ||||
| 37 lines changed or deleted | 183 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||