[89005] in North American Network Operators' Group
Re: shim6 @ NANOG (forwarded note from John Payne)
daemon@ATHENA.MIT.EDU (Kevin Day)
Tue Feb 28 20:12:37 2006
In-Reply-To: <53CF447E-B2CB-46AD-BB89-AE6EE3FB5FFC@muada.com>
Cc: John Payne <john@sackheads.org>, NANOG list <nanog@nanog.org>
From: Kevin Day <toasty@dragondata.com>
Date: Tue, 28 Feb 2006 19:15:00 -0600
To: Iljitsch van Beijnum <iljitsch@muada.com>
Errors-To: owner-nanog@merit.edu
On Feb 28, 2006, at 4:21 PM, Iljitsch van Beijnum wrote:
>
> On 28-feb-2006, at 23:15, John Payne wrote:
>
>>> Should be doable with a DNS SRV record like mechanism. Don't
>>> worry too much about this one.
>
>> Where does the assumption that the network operators control the
>> DNS for the end hosts come from?
>
> ...or in another way. Don't worry too much about this one.
Well, make sure you're taking into account ALL of these situations,
as they all exist currently:
1) We run the servers, DNS and connectivity for a website. Should be
the easy case.
2) We run the DNS and connectivity for the site, but do not control
the server at all. (No root access to the server, must rely on the
customer to follow instructions to setup, can't be asking them to
make changes.)
3) We run the server and connectivity, but do not have control of
DNS. (Customer is using their registrar's DNS services)
4) We provide connectivity only. (Colocation. We have no control over
DNS or what goes on inside the server)
5) We provide DNS services to an entire domain, and have no
involvement in the actual connectivity of any services on the site.
(EasyDNS, etc)
How can I, as a hypothetical hosting company, manage traffic
engineering under all of these situations with shim6?
If we do not control the server itself, we're completely reliant on
customers to "do the right thing". We can't ask them to change things
on their end for traffic engineering(we change it too much, and it's
not their problem). We can't trust that they won't modify their
hosts' behavior in ways that would suit them.
If you're saying we don't need to rely on the server side at all to
DTRT, the solution either has to come in on the DNS side (which we
also don't always control, and takes too long to update) or
additional functionality added to the router/firewall/load balancer/
something. I can't imagine that going over well with hosting/content
companies either.
No matter how you look at this, the routing policy and routing
decisions need to be made somewhere. There isn't any one point where
a hosting company can do this where it's guaranteed they have control
of it. If you're suggesting that this be changed, that's further
raising the bar for IPv6 deployment. If people have to change their
business models around a new addressing scheme, it's not going to be
a very willing move.
-- Kevin