nanog mailing list archives
Re: Great Suggestion for the DNS problem...?
From: Colin Alston <karnaugh () karnaugh za net>
Date: Mon, 28 Jul 2008 21:19:39 +0200
On 2008/07/28 09:05 PM Jay R. Ashworth wrote:
Is there any reason which I'm too far down the food chain to see why that's not a fantastic idea? Or at least, something inspired by it?
If NS records pointed to IP's instead of names then this problem might not exist. The root holds glue going up the chain, and you could reject authoritative responses from IP's not listed as authoritative NS for that zone.
Ie for karnaugh.za.net, net is looked up from root. Root IP addresses are queried directly, so you know to ignore responses coming from someone else. That gives you net (the same gtld, how convenient) and authoritative IP response for its NS. So you look up za.net and get correct glue and so on.
Actually, if glue were always served up the resolution chain then then only crummy glueless delegations would be vulnerable.
Anyone feel like redesigning the DNS protocol? Anyone? No? :(
Current thread:
- Great Suggestion for the DNS problem...? Jay R. Ashworth (Jul 28)
- Re: Great Suggestion for the DNS problem...? Colin Alston (Jul 28)
- RE: Great Suggestion for the DNS problem...? Tomas L. Byrnes (Jul 28)
- Re: Great Suggestion for the DNS problem...? Jay R. Ashworth (Jul 28)
- Re: Great Suggestion for the DNS problem...? Colin Alston (Jul 28)
- Re: Great Suggestion for the DNS problem...? Tony Finch (Jul 29)
- Re: Great Suggestion for the DNS problem...? Colin Alston (Jul 29)
- Re: Great Suggestion for the DNS problem...? Laurence F. Sheldon, Jr. (Jul 29)
- Re: Great Suggestion for the DNS problem...? Steven M. Bellovin (Jul 29)
- Re: Great Suggestion for the DNS problem...? Mohacsi Janos (Jul 29)
- Re: Great Suggestion for the DNS problem...? Mikael Abrahamsson (Jul 29)
- Re: Great Suggestion for the DNS problem...? Laird Popkin (Jul 29)
- RE: Great Suggestion for the DNS problem...? Tomas L. Byrnes (Jul 28)
- Re: Great Suggestion for the DNS problem...? Colin Alston (Jul 28)