[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv6 and Dynamic DNS

To: Jim Bound <bound@ZK3.DEC.COM>
Subject: Re: IPv6 and Dynamic DNS
From: Robert Elz <kre@MUNNARI.OZ.AU>
Date: Tue, 03 Aug 1999 02:54:50 +1000
Cc: ipng@sunroof.eng.sun.com, namedroppers@internic.net

    Date:        Mon, 02 Aug 1999 12:19:30 -0400
    From:        Jim Bound <bound@zk3.dec.com>
    Message-ID:  <199908021619.MAA0000012288@quarry.zk3.dec.com>

  | IPv6 will also support DHCPv6 as an alternative to using the router for
  | your prefixes for addr conf too.

OK, I should have been clearer, obviously if DHCPv6 is being used, then
the DHCP server can do things for v6 exactly as for v4.   I was concerned
with the case where DHCPv6 isn't being used.

  | Not entirely correct either.  The node can do the update or the DHCPv6
  | server for the node.

If we assume there is no DHCPv6 server (which for example I don't believe
there was in Oslo) then it has to be the node, right?   But from where is
the node going to get the authority to do this?   Typically it will have
no knowledge at all of the net where it is being connected, which also
implies that it can't know what credentials it can usefully supply to get
permission to update the zone file.

  | If the issue is authority then that is TSIG initially and then DNSSEC.
  | Then its a matter of getting the key.

Yes, exactly.   That small matter.   Does this imply that if I come visit
you one day, you're going to hand over the key to your zone file to my
laptop?

  | For BIND folks this is in the 8.2
  | release and works with Dynamic Updates to DNS implementation APIs.

Right now, I'm not concerned with the software to make this work, I know
that's on the way.   It is how it is supposed to be all glued together so
it can work in practice.

  | With dynamic updates to DNS its just a PTR record for IPv6 like IPv4
  | under the IP6.INT domain.

Sure, I understand this much Jim....

  | Maybe I am missing your issue as I don't see it?

The point is where my node gets the authority to do the update (assuming
that DHCPv6 isn't being used, if it was the server would just do the
update, as for v4, that's easy to arrange to work).   But we haven't
moved to mandating DCHPv6 yet have we, autoconfig is still an option, right?
So assuming that autoconfig is what my node does (and is what I do in fact
do as I have a router which is sending out the RAs I need for this), where
does my node manage to find the key to update some random network it happens
to be connected to today?

It can easily update the forward zone, as its domain name doesn't change,
no matter where it connects, so configuring it with a key to permit that
update is easy.   But for the reverse zone file this doesn't look like quite
such an easy problem (and it certainly can't be swept under the floor by
saying "you should use DHCPv6 if you need to do that").

kre

Prev by Date: IPv6 and Dynamic DNS
Next by Date: Re: IPv6 and Dynamic DNS
Prev by thread: IPv6 and Dynamic DNS
Next by thread: Re: IPv6 and Dynamic DNS
Index(es):
- Date
- Thread