[56374] in North American Network Operators' Group


Re: Why replicate the DNS?

daemon@ATHENA.MIT.EDU (Joe Abley)
Wed Mar 5 21:58:58 2003

Date: Wed, 5 Mar 2003 21:58:20 -0500
Cc: nanog@merit.edu
To: Michael.Dillon@radianz.com
From: Joe Abley <jabley@isc.org>
In-Reply-To: <OF6BF53505.C4118AA2-ON80256CDF.0044A53E-80256CDF.00460823@radianz.com>
Errors-To: owner-nanog-outgoing@merit.edu



On Tuesday, Mar 4, 2003, at 07:44 Canada/Eastern, 
Michael.Dillon@radianz.com wrote:

> In any case, I don't want to replicate the DNS. It works just fine as
> it is and I want to leave it alone. I especially don't want to expand
> the role of the DNS by adding features to it.

I think Bill's point was that if a distributed database is required to 
contain routing policy, why not use existing distributed database 
infrastructure to host it (i.e. the DNS). In this context, deployment 
of LDAP-accessible databases (which you advocate) is "replicating the 
DNS" (which you mention you don't want to do).

There was once a domain named under int which contained RPSL-ish 
content in TXT records, by way of example. I forget what it was called, 
now.

I think it is fair to say that the delegation chain in the DNS is 
demonstrably more effective in allowing authoritative records to be 
located than the ad-hoc partial-mesh of mirroring and key replication 
currently found in the IRR. For example, there seem to be all kinds of 
people who will helpfully add route objects to the IRR on your behalf, 
regardless of the fact that the result is multiple, conflicting records.


Joe
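
The "multiple, conflicting records" problem described in the message above can be checked mechanically. The following is an added example, not part of the original post: it parses RPSL route objects and reports prefixes registered with more than one origin AS. The registry names (IRR-A, IRR-B), maintainer names, prefixes and AS numbers are all constructed, using documentation ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: route objects as two hypothetical IRR sources
# might return them. Nothing here is real registry data.
SAMPLE_IRR_DUMP = """\
route:      192.0.2.0/24
origin:     AS64500
mnt-by:     MAINT-EXAMPLE-HOLDER
source:     IRR-A

route:      192.0.2.0/24
origin:     AS64511
mnt-by:     MAINT-EXAMPLE-UPSTREAM
source:     IRR-B

route:      198.51.100.0/24
origin:     AS64501
mnt-by:     MAINT-EXAMPLE-OTHER
source:     IRR-A

route:      198.51.100.0/24
origin:     as64501
mnt-by:     MAINT-EXAMPLE-OTHER
source:     IRR-B
"""

def parse_rpsl(text):
    """Yield one dict per route object; objects are separated by blank lines."""
    for block in text.strip().split("\n\n"):
        obj = {}
        for line in block.splitlines():
            if line.startswith(("#", "%")) or ":" not in line:
                continue  # skip comments and lines that are not attributes
            key, _, value = line.partition(":")
            obj.setdefault(key.strip().lower(), value.strip())
        if "route" in obj and "origin" in obj:
            yield obj

def conflicting_routes(text):
    """Map prefix -> {origin: [sources]} for prefixes with more than one origin."""
    seen = defaultdict(lambda: defaultdict(list))
    for obj in parse_rpsl(text):
        # Normalise the prefix and the AS number so equal records compare equal.
        prefix = str(ipaddress.ip_network(obj["route"], strict=False))
        seen[prefix][obj["origin"].upper()].append(obj.get("source", "?"))
    return {p: dict(o) for p, o in seen.items() if len(o) > 1}
```

A prefix with several origins is not always an error, so the output is a list for review rather than a verdict; the `mnt-by` value on each object shows who registered it.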

