Internet Engineering Task Force                          Akira Kato, WIDE
INTERNET-DRAFT                                            Paul Vixie, ISC
Expires: August 24, 2003                                February 24, 2003

        Operational Guidelines for "local" zones in the DNS
                draft-kato-dnsop-local-zones-00.txt

Status of this Memo

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups
may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as ``work in progress.''

To view the list of Internet-Draft Shadow Directories, see
http://www.ietf.org/shadow.html.

Distribution of this memo is unlimited.

The internet-draft will expire in 6 months. The date of expiration will
be August 24, 2003.

Abstract

A large number of DNS queries regarding the "local" zones are sent
over the Internet every second. This memo describes operational
guidelines to reduce the unnecessary DNS traffic as well as the load on
the Root DNS Servers.

1. Introduction

While it has yet to be described in an RFC, .local is used to provide a
local subspace of the DNS tree. A formal delegation process has not been
completed for this TLD. In spite of this informal status, .local has
been used in many installations regardless of the awareness of the
users. Usually, the local DNS servers are not authoritative for the
.local domain, so they end up sending queries to the Root DNS Servers.

There are several other DNS zones which describe "local" information.
.localhost has been used to describe the localhost for more than a
couple of decades and virtually all of the DNS servers are configured
authoritative for .localhost and its reverse zone .127.in-addr.arpa.
However, there are other "local" zones currently used in the Internet
or Intranets connected to the Internet through NATs or similar devices.

At a DNS server of a university in Japan, half of the DNS queries sent
to one of the 13 Root DNS Servers were regarding .local. At another DNS
server running in one of the major ISPs in Japan, 1/4 were .local. If
those "local" queries can be directed to DNS servers other than the
Root, or can be resolved locally, it contributes to reducing the load
on the Root DNS Servers.

2. Rationale

Any DNS queries regarding "local" names should not be sent to the DNS
servers on the Internet.

3. Operational Guidelines

Those queries should be processed at the DNS servers internal to each
site so that the servers respond with NXDOMAIN rather than sending
queries to the DNS servers outside.

The "local" names have common DNS suffixes which are listed below:

3.1. Local host related zones:

The following two zones are described in [Barr, 1996] and .localhost is
also defined in [Eastlake, 1999].

   o .localhost
   o .127.in-addr.arpa

The following two zones are for the loopback address in IPv6 [Hinden,
1998]. While the TLD for IPv6 reverse lookup is .arpa as defined in
[Bush, 2001], the old TLD .int has been used for this purpose for years
[Thomson, 1995] and many implementations still use .int. So it is
suggested that both zones should be provided for each IPv6 reverse
lookup zone for a while.

   o 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.int
   o 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa

3.2. Locally created name space

While the use of .local has been proposed in several Internet-Drafts, it
has not been described in any Internet documents with formal status.
However, since the number of queries for .local is much larger than for
the others, it is suggested to resolve the following zone locally:

   o .local

3.3. Private or site-local addresses

The following IPv4 "private" addresses [Rekhter, 1996] and IPv6
site-local addresses [Hinden, 1998] should be resolved locally:

   o 10.in-addr.arpa
   o 16.172.in-addr.arpa
   o 17.172.in-addr.arpa
   o 18.172.in-addr.arpa
   o 19.172.in-addr.arpa
   o 20.172.in-addr.arpa
   o 21.172.in-addr.arpa
   o 22.172.in-addr.arpa
   o 23.172.in-addr.arpa
   o 24.172.in-addr.arpa
   o 25.172.in-addr.arpa
   o 26.172.in-addr.arpa
   o 27.172.in-addr.arpa
   o 28.172.in-addr.arpa
   o 29.172.in-addr.arpa
   o 30.172.in-addr.arpa
   o 31.172.in-addr.arpa
   o 168.192.in-addr.arpa
   o c.e.f.ip6.int
   o d.e.f.ip6.int
   o e.e.f.ip6.int
   o f.e.f.ip6.int
   o c.e.f.ip6.arpa
   o d.e.f.ip6.arpa
   o e.e.f.ip6.arpa
   o f.e.f.ip6.arpa

3.4. Link-local addresses

The link-local address blocks for IPv4 [IANA, 2002] and IPv6 [Hinden,
1998] should be resolved locally:

   o 254.169.in-addr.arpa
   o 8.e.f.ip6.int
   o 9.e.f.ip6.int
   o a.e.f.ip6.int
   o b.e.f.ip6.int
   o 8.e.f.ip6.arpa
   o 9.e.f.ip6.arpa
   o a.e.f.ip6.arpa
   o b.e.f.ip6.arpa

4. Suggestions to developers

4.1. Suggestions to DNS software implementors

In order to avoid unnecessary traffic, it is suggested that DNS software
implementors provide configuration templates or default configurations
so that the names described in the previous section are resolved locally
rather than sent to other DNS servers in the Internet.

4.2. Suggestions to developers of NATs or similar devices

There are many NAT or similar devices available in the market.
Regardless of the availability of DNS Servers in those devices, it is
suggested that those devices be able to filter the DNS traffic or
respond to the DNS traffic related to "local" zones by configuration,
regardless of their ability to provide DNS service. It is suggested
that this functionality be activated by default.

5. IANA Consideration

While the .local TLD has yet to be defined officially, there are
substantial queries to the Root DNS Servers as of writing. About 1/4 to
1/2% of the traffic sent to the Root DNS Servers is related to the
.local zone. Therefore, while it is not formally defined, it is
suggested that IANA delegate the .local TLD to an organization.

The AS112 Project [Vixie, ] provides authoritative DNS service for the
RFC1918 addresses and the link-local addresses. It has several DNS
server instances around the world by using BGP Anycast [Hardie, 2002].
So the AS112 Project is one of the candidates to host the .local TLD.

Authors' addresses

   Akira Kato
   The University of Tokyo, Information Technology Center
   2-11-16 Yayoi Bunkyo
   Tokyo 113-8658, JAPAN
   Tel: +81 3-5841-2750
   Email: kato@wide.ad.jp

   Paul Vixie
   Internet Software Consortium
   950 Charter Street
   Redwood City, CA 94063, USA
   Tel: +1 650-779-7001
   Email: vixie@isc.org

References

Barr, 1996.
   D. Barr, "Common DNS Operational and Configuration Errors" in RFC1912
   (February 1996).

Eastlake, 1999.
   D. Eastlake, "Reserved Top Level DNS Names" in RFC2606 (June 1999).

Hinden, 1998.
   R. Hinden and S. Deering, "IP Version 6 Addressing Architecture" in
   RFC2373 (July 1998).

Bush, 2001.
   R. Bush, "Delegation of IP6.ARPA" in RFC3152 (August 2001).

Thomson, 1995.
   S. Thomson and C. Huitema, "DNS Extensions to support IP version 6" in
   RFC1886 (December 1995).

Rekhter, 1996.
   Y. Rekhter, B. Moskowitz, D. Karrenberg, G. J. de Groot, and E. Lear,
   "Address Allocation for Private Internets" in RFC1918 (February 1996).

IANA, 2002.
   IANA, "Special-Use IPv4 Addresses" in RFC3330 (September 2002).

Vixie, .
   P. Vixie, "AS112 Project" in AS112. http://www.as112.net/.

Hardie, 2002.
   T. Hardie, "Distributing Authoritative Name Servers via Shared Unicast
   Addresses" in RFC3258 (April 2002).
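
Added example (not part of the draft): the reverse zones listed in sections 3.1, 3.3 and 3.4 can be derived from the address blocks themselves, and the resulting list used to measure how many query names in a resolver log should have been answered locally. The function names and the query names in SAMPLE are constructed for illustration.

```python
import ipaddress

# Address blocks behind the zones in sections 3.1, 3.3 and 3.4 of the draft.
BLOCKS = ["127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
          "169.254.0.0/16", "::1/128", "fec0::/10", "fe80::/10"]
NAME_ZONES = ["localhost", "local"]          # sections 3.1 and 3.2


def reverse_zones(cidr):
    """Return the reverse-lookup zones that exactly cover an address block."""
    net = ipaddress.ip_network(cidr)
    # IPv4 delegates per octet; IPv6 per nibble, under both .arpa and .int.
    step, roots = (8, ["in-addr.arpa"]) if net.version == 4 else (4, ["ip6.arpa", "ip6.int"])
    plen = -(-net.prefixlen // step) * step  # round up to a label boundary
    zones = []
    for sub in net.subnets(new_prefix=plen):
        labels = sub.network_address.reverse_pointer.split(".")[:-2]
        keep = labels[len(labels) - plen // step:]   # significant labels only
        zones += [".".join(keep + [root]) for root in roots]
    return zones


LOCAL_ZONES = frozenset(NAME_ZONES + [z for b in BLOCKS for z in reverse_zones(b)])


def is_local(qname):
    """True if qname is at or below a "local" zone (whole-label match)."""
    labels = qname.rstrip(".").lower().split(".")
    return any(".".join(labels[i:]) in LOCAL_ZONES for i in range(len(labels)))


def local_share(qnames):
    """Fraction of query names that the site should answer itself."""
    return sum(map(is_local, qnames)) / len(qnames)


# Constructed query names, as they might appear in a resolver's query log.
SAMPLE = ["printer.local.", "www.example.com.", "1.0.168.192.in-addr.arpa.",
          "5.4.32.172.in-addr.arpa.", "mylocal.", "1.1.254.169.in-addr.arpa.",
          "mail.example.org.", "LOCALHOST."]

if __name__ == "__main__":
    print(len(LOCAL_ZONES), "zones;", f"{local_share(SAMPLE):.0%} of sample is local")
```

Matching is done on whole labels, so "mylocal." and 172.32.0.0/16 (outside the 172.16.0.0/12 block) are correctly treated as non-local.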