draft-ietf-dnsop-default-local-zones-13.txt   draft-ietf-dnsop-default-local-zones-14.txt 
Network Working Group M. Andrews Network Working Group M. Andrews
Internet-Draft ISC Internet-Draft ISC
Intended status: BCP May 1, 2010 Intended status: BCP September 22, 2010
Expires: November 2, 2010 Expires: March 26, 2011
Locally-served DNS Zones Locally-served DNS Zones
draft-ietf-dnsop-default-local-zones-13 draft-ietf-dnsop-default-local-zones-14
Abstract Abstract
Experience with the Domain Name System (DNS) has shown that there are Experience with the Domain Name System (DNS) has shown that there are
a number of DNS zones all iterative resolvers and recursive a number of DNS zones all iterative resolvers and recursive
nameservers should automatically serve, unless configured otherwise. nameservers should automatically serve, unless configured otherwise.
RFC 4193 specifies that this should occur for D.F.IP6.ARPA. This RFC 4193 specifies that this should occur for D.F.IP6.ARPA. This
document extends the practice to cover the IN-ADDR.ARPA zones for RFC document extends the practice to cover the IN-ADDR.ARPA zones for RFC
1918 address space and other well known zones with similar 1918 address space and other well known zones with similar
characteristics. characteristics.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 2, 2010. This Internet-Draft will expire on March 26, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 18 skipping to change at page 3, line 18
1.1. Reserved Words . . . . . . . . . . . . . . . . . . . . . . 4 1.1. Reserved Words . . . . . . . . . . . . . . . . . . . . . . 4
2. Effects on sites using RFC 1918 addresses. . . . . . . . . . . 5 2. Effects on sites using RFC 1918 addresses. . . . . . . . . . . 5
3. Changes to Iterative Resolver Behaviour. . . . . . . . . . . . 5 3. Changes to Iterative Resolver Behaviour. . . . . . . . . . . . 5
4. Lists Of Zones Covered . . . . . . . . . . . . . . . . . . . . 6 4. Lists Of Zones Covered . . . . . . . . . . . . . . . . . . . . 6
4.1. RFC1918 Zones . . . . . . . . . . . . . . . . . . . . . . 6 4.1. RFC1918 Zones . . . . . . . . . . . . . . . . . . . . . . 6
4.2. RFC5735 and RFC5737 Zones . . . . . . . . . . . . . . . . 7 4.2. RFC5735 and RFC5737 Zones . . . . . . . . . . . . . . . . 7
4.3. Local IPv6 Unicast Addresses . . . . . . . . . . . . . . . 7 4.3. Local IPv6 Unicast Addresses . . . . . . . . . . . . . . . 7
4.4. IPv6 Locally Assigned Local Addresses . . . . . . . . . . 8 4.4. IPv6 Locally Assigned Local Addresses . . . . . . . . . . 8
4.5. IPv6 Link Local Addresses . . . . . . . . . . . . . . . . 8 4.5. IPv6 Link Local Addresses . . . . . . . . . . . . . . . . 8
4.6. IPv6 Example Prefix . . . . . . . . . . . . . . . . . . . 8 4.6. IPv6 Example Prefix . . . . . . . . . . . . . . . . . . . 8
4.7. ORCHID Prefix . . . . . . . . . . . . . . . . . . . . . . 8 5. Zones that are Out-Of-Scope . . . . . . . . . . . . . . . . . 8
5. Zones that are Out-Of-Scope . . . . . . . . . . . . . . . . . 9
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
7. Security Considerations . . . . . . . . . . . . . . . . . . . 10 7. Security Considerations . . . . . . . . . . . . . . . . . . . 9
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
9.1. Normative References . . . . . . . . . . . . . . . . . . . 10 9.1. Normative References . . . . . . . . . . . . . . . . . . . 10
9.2. Informative References . . . . . . . . . . . . . . . . . . 11 9.2. Informative References . . . . . . . . . . . . . . . . . . 11
Appendix A. Change History [To Be Removed on Publication] . . . . 12 Appendix A. Change History [To Be Removed on Publication] . . . . 11
A.1. draft-ietf-dnsop-default-local-zones-13.txt . . . . . . . 12 A.1. draft-ietf-dnsop-default-local-zones-14.txt . . . . . . . 12
A.2. draft-ietf-dnsop-default-local-zones-12.txt . . . . . . . 12 A.2. draft-ietf-dnsop-default-local-zones-13.txt . . . . . . . 12
A.3. draft-ietf-dnsop-default-local-zones-11.txt . . . . . . . 12 A.3. draft-ietf-dnsop-default-local-zones-12.txt . . . . . . . 12
A.4. draft-ietf-dnsop-default-local-zones-10.txt . . . . . . . 12 A.4. draft-ietf-dnsop-default-local-zones-11.txt . . . . . . . 12
A.5. draft-ietf-dnsop-default-local-zones-09.txt . . . . . . . 12 A.5. draft-ietf-dnsop-default-local-zones-10.txt . . . . . . . 12
A.6. draft-ietf-dnsop-default-local-zones-08.txt . . . . . . . 12 A.6. draft-ietf-dnsop-default-local-zones-09.txt . . . . . . . 12
A.7. draft-ietf-dnsop-default-local-zones-07.txt . . . . . . . 12 A.7. draft-ietf-dnsop-default-local-zones-08.txt . . . . . . . 12
A.8. draft-ietf-dnsop-default-local-zones-06.txt . . . . . . . 12 A.8. draft-ietf-dnsop-default-local-zones-07.txt . . . . . . . 12
A.9. draft-ietf-dnsop-default-local-zones-05.txt . . . . . . . 13 A.9. draft-ietf-dnsop-default-local-zones-06.txt . . . . . . . 12
A.10. draft-ietf-dnsop-default-local-zones-04.txt . . . . . . . 13 A.10. draft-ietf-dnsop-default-local-zones-05.txt . . . . . . . 12
A.11. draft-ietf-dnsop-default-local-zones-03.txt . . . . . . . 13 A.11. draft-ietf-dnsop-default-local-zones-04.txt . . . . . . . 12
A.12. draft-ietf-dnsop-default-local-zones-02.txt . . . . . . . 13 A.12. draft-ietf-dnsop-default-local-zones-03.txt . . . . . . . 13
A.13. draft-ietf-dnsop-default-local-zones-01.txt . . . . . . . 13 A.13. draft-ietf-dnsop-default-local-zones-02.txt . . . . . . . 13
A.14. draft-ietf-dnsop-default-local-zones-00.txt . . . . . . . 13 A.14. draft-ietf-dnsop-default-local-zones-01.txt . . . . . . . 13
A.15. draft-andrews-full-service-resolvers-03.txt . . . . . . . 13 A.15. draft-ietf-dnsop-default-local-zones-00.txt . . . . . . . 13
A.16. draft-andrews-full-service-resolvers-02.txt . . . . . . . 14 A.16. draft-andrews-full-service-resolvers-03.txt . . . . . . . 13
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 14 A.17. draft-andrews-full-service-resolvers-02.txt . . . . . . . 13
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction 1. Introduction
Experience with the Domain Name System (DNS, [RFC1034] and [RFC1035]) Experience with the Domain Name System (DNS, [RFC1034] and [RFC1035])
has shown that there are a number of DNS zones that all iterative has shown that there are a number of DNS zones that all iterative
resolvers and recursive nameservers SHOULD automatically serve, resolvers and recursive nameservers SHOULD automatically serve,
unless intentionally configured otherwise. These zones include, but unless intentionally configured otherwise. These zones include, but
are not limited to, the IN-ADDR.ARPA zones for the address space are not limited to, the IN-ADDR.ARPA zones for the address space
allocated by [RFC1918] and the IP6.ARPA zones for locally assigned allocated by [RFC1918] and the IP6.ARPA zones for locally assigned
unique local IPv6 addresses defined in [RFC4193]. unique local IPv6 addresses defined in [RFC4193].
skipping to change at page 6, line 20 skipping to change at page 6, line 20
SOA timer values MAY be chosen arbitrarily since they are not SOA timer values MAY be chosen arbitrarily since they are not
intended to control any zone transfer activity. intended to control any zone transfer activity.
The NS RR is needed as some UPDATE [RFC2136] clients use NS queries The NS RR is needed as some UPDATE [RFC2136] clients use NS queries
to discover the zone to be updated. Having no address records for to discover the zone to be updated. Having no address records for
the name server is expected to abort UPDATE processing in the client. the name server is expected to abort UPDATE processing in the client.
4. Lists Of Zones Covered 4. Lists Of Zones Covered
The following subsections are intended to seed the IANA registry as The following subsections are intended to seed the IANA registry as
requested in the IANA Considerations Section. The zone name is the requested in the IANA Considerations Section. Following the caveat
entity to be registered. in that section, the list contains only reverse zones corresponding
to permanently assigned address space. The zone name is the entity
to be registered.
4.1. RFC1918 Zones 4.1. RFC1918 Zones
The following zones correspond to the IPv4 address space reserved in The following zones correspond to the IPv4 address space reserved in
[RFC1918]. [RFC1918].
+----------------------+ +----------------------+
| Zone | | Zone |
+----------------------+ +----------------------+
| 10.IN-ADDR.ARPA | | 10.IN-ADDR.ARPA |
skipping to change at page 8, line 41 skipping to change at page 8, line 41
IPv6 example prefix [RFC3849]. IPv6 example prefix [RFC3849].
+--------------------------+ +--------------------------+
| Zone | | Zone |
+--------------------------+ +--------------------------+
| 8.B.D.0.1.0.0.2.IP6.ARPA | | 8.B.D.0.1.0.0.2.IP6.ARPA |
+--------------------------+ +--------------------------+
Note: 8.B.D.0.1.0.0.2.IP6.ARPA is not being used as an example here. Note: 8.B.D.0.1.0.0.2.IP6.ARPA is not being used as an example here.
4.7. ORCHID Prefix
[RFC4843].
+----------------------+
| Zone |
+----------------------+
| 0.1.1.0.0.2.IP6.ARPA |
+----------------------+
5. Zones that are Out-Of-Scope 5. Zones that are Out-Of-Scope
IPv6 site-local addresses (deprecated, see [RFC4291] Sections 2.4 and IPv6 site-local addresses (deprecated, see [RFC4291] Sections 2.4 and
2.5.7), and IPv6 Non-Locally Assigned Local addresses ([RFC4193]) are 2.5.7), and IPv6 Non-Locally Assigned Local addresses ([RFC4193]) are
not covered here. not covered here.
It is expected that IPv6 site-local addresses will be self correcting It is expected that IPv6 site-local addresses will be self correcting
as IPv6 implementations remove support for site-local addresses. as IPv6 implementations remove support for site-local addresses.
However, sacrificial servers for the zones C.E.F.IP6.ARPA through However, sacrificial servers for the zones C.E.F.IP6.ARPA through
F.E.F.IP6.ARPA may still need to be deployed in the short term if the F.E.F.IP6.ARPA may still need to be deployed in the short term if the
skipping to change at page 9, line 46 skipping to change at page 9, line 34
6. IANA Considerations 6. IANA Considerations
This document requests that IANA establish a registry of zones which This document requests that IANA establish a registry of zones which
require this default behaviour. The initial contents of this require this default behaviour. The initial contents of this
registry are defined in Section 4. Implementors are encouraged to registry are defined in Section 4. Implementors are encouraged to
periodically check this registry and adjust their implementations to periodically check this registry and adjust their implementations to
reflect changes therein. reflect changes therein.
This registry can be amended through "IETF Review" as per [RFC5226]. This registry can be amended through "IETF Review" as per [RFC5226].
As part of this review process it should be noted that once a zone is
added it is effectively added permanently; once an address range
starts being configured as a local zone in systems on the Internet,
it will be impossible to reverse those changes.
IANA should co-ordinate with the RIRs to ensure that, as DNSSEC is IANA should co-ordinate with the RIRs to ensure that, as DNSSEC is
deployed in the reverse tree, delegations for these zones are made in deployed in the reverse tree, delegations for these zones are made in
the manner described in Section 7. the manner described in Section 7.
7. Security Considerations 7. Security Considerations
During the initial deployment phase, particularly where [RFC1918] During the initial deployment phase, particularly where [RFC1918]
addresses are in use, there may be some clients that unexpectedly addresses are in use, there may be some clients that unexpectedly
receive a name error rather than a PTR record. This may cause some receive a name error rather than a PTR record. This may cause some
skipping to change at page 11, line 25 skipping to change at page 11, line 18
[RFC4159] Huston, G., "Deprecation of "ip6.int"", BCP 109, RFC 4159, [RFC4159] Huston, G., "Deprecation of "ip6.int"", BCP 109, RFC 4159,
August 2005. August 2005.
[RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
Addresses", RFC 4193, October 2005. Addresses", RFC 4193, October 2005.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006. Architecture", RFC 4291, February 2006.
[RFC4843] Nikander, P., Laganier, J., and F. Dupont, "An IPv6 Prefix
for Overlay Routable Cryptographic Hash Identifiers
(ORCHID)", RFC 4843, April 2007.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226, IANA Considerations Section in RFCs", BCP 26, RFC 5226,
October 2008. October 2008.
9.2. Informative References 9.2. Informative References
[AS112] "AS112 Project", <http://www.as112.net/>. [AS112] "AS112 Project", <http://www.as112.net/>.
[I-D.draft-ietf-dnsop-as112-ops] [I-D.draft-ietf-dnsop-as112-ops]
Abley, J. and W. Maton, "AS112 Nameserver Operations", Abley, J. and W. Maton, "AS112 Nameserver Operations",
draft-ietf-dnsop-as112-ops-03 (work in progress), draft-ietf-dnsop-as112-ops-04 (work in progress),
October 2009. July 2010.
[I-D.draft-ietf-dnsop-as112-under-attack-help-help] [I-D.draft-ietf-dnsop-as112-under-attack-help-help]
Abley, J. and W. Maton, "I'm Being Attacked by Abley, J. and W. Maton, "I'm Being Attacked by
PRISONER.IANA.ORG!", PRISONER.IANA.ORG!",
draft-ietf-dnsop-as112-under-attack-help-help-03 (work in draft-ietf-dnsop-as112-under-attack-help-help-04 (work in
progress), October 2009. progress), July 2010.
[RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix [RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix
Reserved for Documentation", RFC 3849, July 2004. Reserved for Documentation", RFC 3849, July 2004.
[RFC5735] Cotton, M. and L. Vergoda, "Special-Use IPv4 Addresses", [RFC5735] Cotton, M. and L. Vergoda, "Special-Use IPv4 Addresses",
RFC 5735, January 2010. RFC 5735, January 2010.
[RFC5737] Arkko, J., Cotton, M., and L. Vergoda, "IPv4 Address [RFC5737] Arkko, J., Cotton, M., and L. Vergoda, "IPv4 Address
Blocks Reserved for Documentation", RFC 5737, Blocks Reserved for Documentation", RFC 5737,
January 2010. January 2010.
Appendix A. Change History [To Be Removed on Publication] Appendix A. Change History [To Be Removed on Publication]
A.1. draft-ietf-dnsop-default-local-zones-14.txt
A.1. draft-ietf-dnsop-default-local-zones-13.txt Removed ORCHID prefix.
A.2. draft-ietf-dnsop-default-local-zones-13.txt
Inclusion of ORCHID prefix. Inclusion of ORCHID prefix.
reference updates. reference updates.
A.2. draft-ietf-dnsop-default-local-zones-12.txt A.3. draft-ietf-dnsop-default-local-zones-12.txt
Update IP6.INT's non inclusion rational. Update IP6.INT's non inclusion rational.
Removed Appendix B, which requested BCP status, as it was redundant. Removed Appendix B, which requested BCP status, as it was redundant.
A.3. draft-ietf-dnsop-default-local-zones-11.txt A.4. draft-ietf-dnsop-default-local-zones-11.txt
Change RFC 3330 to RFC 5735 Change RFC 3330 to RFC 5735
A.4. draft-ietf-dnsop-default-local-zones-10.txt A.5. draft-ietf-dnsop-default-local-zones-10.txt
added RFC 5737 zones added RFC 5737 zones
A.5. draft-ietf-dnsop-default-local-zones-09.txt A.6. draft-ietf-dnsop-default-local-zones-09.txt
refresh awaiting writeup refresh awaiting writeup
A.6. draft-ietf-dnsop-default-local-zones-08.txt A.7. draft-ietf-dnsop-default-local-zones-08.txt
editorial, reference updates editorial, reference updates
A.7. draft-ietf-dnsop-default-local-zones-07.txt A.8. draft-ietf-dnsop-default-local-zones-07.txt
none, expiry prevention none, expiry prevention
A.8. draft-ietf-dnsop-default-local-zones-06.txt A.9. draft-ietf-dnsop-default-local-zones-06.txt
add IPv6 example prefix add IPv6 example prefix
A.9. draft-ietf-dnsop-default-local-zones-05.txt A.10. draft-ietf-dnsop-default-local-zones-05.txt
none, expiry prevention none, expiry prevention
A.10. draft-ietf-dnsop-default-local-zones-04.txt A.11. draft-ietf-dnsop-default-local-zones-04.txt
Centrally Assigned Local addresses -> Non-Locally Assigned Local Centrally Assigned Local addresses -> Non-Locally Assigned Local
address address
A.11. draft-ietf-dnsop-default-local-zones-03.txt A.12. draft-ietf-dnsop-default-local-zones-03.txt
expanded section 4 descriptions expanded section 4 descriptions
Added references [RFC2136], [RFC3596], Added references [RFC2136], [RFC3596],
[I-D.draft-ietf-dnsop-as112-ops] and [I-D.draft-ietf-dnsop-as112-ops] and
[I-D.draft-ietf-dnsop-as112-under-attack-help-help]. [I-D.draft-ietf-dnsop-as112-under-attack-help-help].
Revised language. Revised language.
A.12. draft-ietf-dnsop-default-local-zones-02.txt A.13. draft-ietf-dnsop-default-local-zones-02.txt
RNAME now "nobody.invalid." RNAME now "nobody.invalid."
Revised language. Revised language.
A.13. draft-ietf-dnsop-default-local-zones-01.txt A.14. draft-ietf-dnsop-default-local-zones-01.txt
Revised impact description. Revised impact description.
Updated to reflect change in IP6.INT status. Updated to reflect change in IP6.INT status.
A.14. draft-ietf-dnsop-default-local-zones-00.txt A.15. draft-ietf-dnsop-default-local-zones-00.txt
Adopted by DNSOP. Adopted by DNSOP.
"Author's Note" re-titled "Zones that are Out-Of-Scope" "Author's Note" re-titled "Zones that are Out-Of-Scope"
Add note that these zone are expected to seed the IANA registry. Add note that these zone are expected to seed the IANA registry.
Title changed. Title changed.
A.15. draft-andrews-full-service-resolvers-03.txt A.16. draft-andrews-full-service-resolvers-03.txt
Added "Proposed Status". Added "Proposed Status".
A.16. draft-andrews-full-service-resolvers-02.txt A.17. draft-andrews-full-service-resolvers-02.txt
Added 0.IN-ADDR.ARPA. Added 0.IN-ADDR.ARPA.
Author's Address Author's Address
Mark P. Andrews Mark P. Andrews
Internet Systems Consortium Internet Systems Consortium
950 Charter Street 950 Charter Street
Redwood City, CA 94063 Redwood City, CA 94063
US US
 End of changes. 29 change blocks. 
61 lines changed or deleted 56 lines changed or added

This html diff was produced by rfcdiff 1.39. The latest version is available from http://tools.ietf.org/tools/rfcdiff/