This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/dns-wg@ripe.net/
[dns-wg] RIPE's MNAME recommendation
- Next message (by thread): [dns-wg] RIPE's MNAME recommendation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Patrik Fältström
paf at cisco.com
Sat Oct 1 12:40:09 CEST 2005
On Sep 30, 2005, at 17:24, Daniel Karrenberg wrote: > All the words were written before hidden masters were necessary or > invented. > > Whether SOAs are used to determine recipients of NOTIFY is a local > matter. > I do not think there need to be standards or recommendataions about > that. > > So the recommendation should be to put into the MNAME field the domain > name of an authoritative name server that allows AXFRs and is the > intended target for dynamic updates. The difficult question is > what to > put there if there is no such server. It is perfectly OK to not > use or > allow AXFR and not to use dynamic updates. > > I have no bright ideas here. But what should be recognised is that > there > may be no such server. As said on this list earlier, the fact is that software deployed do use the MNAME field to try to do dynamic update to and other kind of access. Because of this, for me the MNAME field is in reality a field of data that helps leakage of RFC 1918 addresses if the hostname in MNAME is having such an IP address. This in turn forces to fall under the category of "things that should not have RFC 1918 data". The question is then, as Daniel says, what to put in the MNAME field, as we have conflicting requirements. That it lists the hostname that is the primary master, and that it should not expose RFC 1918 addresses. My suggestion would be to put a domain name there in the domain that hosts the domain, a hostname that can receive the traffic generated by any tool that uses the mname in the SOA for something. Patrik
- Next message (by thread): [dns-wg] RIPE's MNAME recommendation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]