On Tue, 5 Oct 2010, Michael Sinatra wrote:
Hence the question: How should I provision authoritative DNS servers, given that the prefix information is provided via DNS--including the prefix information for the DNS servers themselves--leading to a chicken-and-egg problem. In addition, I would assume that I need something similar to glue records (instead of A or AAAA glue, I need L64 or LP glue).
Isn't glue the answer to your question? Your name servers get their prefixes from the networks they are connected to, and they do dynamic updates to their parent zone as well as their own zone's master. Then other sites can find them using the usual referral chasing. I am assuming that the name server's name is in a zone for which it is authoritative. If not, it doesn't appear in glue so it doesn't need to update the parent zone. This implies that the name a DNS server uses to refer to itself (i.e. the name for which it performs dynamic updates for its prefix) must be used by all NS records that refer to the name server, so that resolvers can find the server's up-to-date prefix recods. This is stricter than is common in the current DNS - for example, the NS records for my domain do not use the names chosen by those servers' admins. I do this because I think in-bailiwick name server names are a good idea. I don't know if or how much DNSSEC might change the balance of opinion in this area. One thing it doesn't change is the quite astounding amounts of transitive trust that can be introduced by outsourcing your DNS including the nameserver names. http://shinobi.dempsky.org/~matthew/dnstrust/graphs/ So I don't think your question is relevant for most zones. It *is* relevant for the root. ILNP will have to come up with a new scheme for the root zone hints. I haven't looked at it in enough detail to see if they already have a plan. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ HUMBER THAMES DOVER WIGHT PORTLAND: NORTH BACKING WEST OR NORTHWEST, 5 TO 7, DECREASING 4 OR 5, OCCASIONALLY 6 LATER IN HUMBER AND THAMES. MODERATE OR ROUGH. RAIN THEN FAIR. GOOD.