Patrik,
We had a few objections during yesterday's discussion of IP address
uniqueness within a registry. This morning you provided an example of two
servers registered in different TLDs with the same IP address, each
potentially managed by a different registrar or even residing in a different
registry database. Yesterday Randy noted that IP address management in a
distributed registry world is a difficult problem. I'm trying to find a way
to minimize the management problem while providing functionality that maps
to the DNS data model.
So, the problem with enforcing IP address uniqueness is that it introduces a
restriction that doesn't exist in the DNS. The problem with allowing
registration of distinct name server objects that use IP addresses
associated with other distinct name server objects is that you have the same
attribute data associated with multiple objects, making it more difficult to
manage the association of address to object.
The aliasing suggestion I described appears to address both problems:
1. Each IP address is associated with only one name server object (reducing
the management problem), and
2. Each name server object can have multiple aliases (supporting the DNS
data model).
Scott Hollenbeck
Network Solutions, Inc. Registry
-----Original Message-----
From: Patrik Fältström [mailto:paf@swip.net]
Sent: Friday, June 30, 2000 8:34 AM
To: Hollenbeck, Scott; rrp@nsiregistry.com
Subject: RE: [NSI-RRP] IP Address Uniqueness
At 07.34 -0400 00-06-30, Hollenbeck, Scott wrote:
>That is, there's a
>single name server object, but the object has attributes that identify both
>IP addresses and host name aliases. Aliases can be added only by the
>registrar sponsoring the primary host name, but the aliases can be host
>names registered in other TLDs. For example, ns1.example.com could have
>aliases foo.example.com, ns1.example.org, or ns1.example.com.au.
What problem are you trying to solve?
I think that you try to solve the problem with "who can claim that a
certain IP-address (via the hostname of the NS) is actually
nameserver for a certain domain?".
This can only be answered by checking what user owns the IP-address,
and verifying with that user -- and that will be at one of the RIRs.
Two NS with different name are two different objects, and they should
be able to be managed by two different administrators -- regardless
of what IP address they have.
We already have a problem that you have users which create NS records
refering to dns servers of for example Tele2 without talking with
Tele2. I don't think you can stop anyone doing that. It doesn't
matter if the user registering the domain gives the hostname of the
nameserver or a new hostname with same IP-address. You will get the
same problem anyway. It can aswell be one physical host with many
IP-addresses. I.e. who do you ask to verify that the _first_
assignment of a NS to a specific host/IP is correct?
Beliving that the first allocation of that IP-address in the registry
(or registrar) is correct doesn't really solve the problem, or does
it? I don't think so, but correct me if I am wrong.
The easiest way is probably to follow the data model one have in DNS.
paf
---------
See http://www.nsiregistry.com/maillist/rrp/
for message archives and subscription management information.
This archive was generated by hypermail 2b29 : Mon Jul 03 2000 - 13:38:44 EDT