On 10/5/10 9:52 AM, Christopher Morrow wrote:
On Tue, Oct 5, 2010 at 12:18 PM, Tony Finch<dot@dotat.at> wrote:
On Tue, 5 Oct 2010, Michael Sinatra wrote:
Hence the question: How should I provision authoritative DNS servers, given that the prefix information is provided via DNS--including the prefix information for the DNS servers themselves--leading to a chicken-and-egg problem. In addition, I would assume that I need something similar to glue records (instead of A or AAAA glue, I need L64 or LP glue).
Isn't glue the answer to your question? Your name servers get their prefixes from the networks they are connected to, and they do dynamic
If i have my NS in my network, which is 'ILNP enabled' (if there would be such a thing), I think Michael's question is ... how do I tell DNS where my NS is if my NS is moving and doesn't have a single long-lived stable address ?
Some of the answer may be: "Don't do that!", or "plan your moves properly, follow rfcXXXX which shows steps and timing to migrate an NS device/pair/set from network attachment point to network attachment point".
If I am multi-homed and my NS is in my ILNP-enabled network, then it is subject to "moving" at any time. If I lose an upstream due to a sudden failure (such as a link failure), then I need to signal that the lost upstream's prefix should no longer be used. This requires a DDNS update to my L64 record(s). The issue is how should I deal with the situation that you need to know the correct L64 record to get to my network (without waiting for a timeout if you try the broken prefix first) and the way to know what the correct prefixes are is to query a nameserver that's in my network. But to get to my network, you need to know the correct L64 record...etc. So I need to keep nameservers out of my network or have the ability to update an L64 "glue" record on-the-fly in the parent (which also implies a very low ttl on the parent L64 glue record). michael