draft-ietf-dnsop-ipv6-dns-configuration-02.txt

bind 9.3结合mysql数据库

5.4.3 Case C: A dual-stack gateway connected to an IPv4-only ISP 
    
   This is similar to Case B.  If a gateway provides IPv6 connectivity
   by managing tunnels, then it is also supposed to provide access to 
   an RDNSS.  Like this, the tunnel for IPv6 connectivity originates 
   from the dual-stack gateway instead of the host. 
    
5.4.4 Case D: A gateway connected to an IPv6-only ISP 
    
   This is similar to Case B. 
    
6. Security Considerations 
    
   As security requirements depend solely on applications and are 
   different application by application, there can be no generic 
   requirement defined at higher IP or lower application layer of DNS.
    
   However, it should be noted that cryptographic security requires 
   configured secret information that full autoconfiguration and 
   cryptographic security are mutually exclusive.  People insisting on
   secure full autoconfiguration will get false security, false 
   autoconfiguration or both. 
    
   In some deployment scenario [19], where cryptographic security is 
   required for applications, secret information for the cryptographic
   security is preconfigured through which application specific 
   configuration data, including those for DNS, can be securely 
   configured.  It should be noted that if applications requiring 
   cryptographic security depend on DNS, the applications also require
   cryptographic security to DNS.  Therefore, the full auto-
   configuration of DNS is not acceptable. 
    
   However, with full autoconfiguration, weaker but still reasonable 
   security is being widely accepted and will continue to be 
   acceptable.  That is, with full autoconfiguration, which means 
   there is no cryptographic security for the autoconfiguration, it is
   already assumed that local environment is secure enough that 
   information from local autoconfiguration server has acceptable 
   security even without cryptographic security.  Thus, communication 
   between a local DNS client and a local DNS server has the 
   acceptable security. 
    
   For security considerations of each approach, refer to the 
   corresponding drafts [5]-[9]. 
    
7. Acknowledgements 
    

 
 
Jeong, et al.             Expires - January 2005             [Page 19] 
 
Internet-Draft     IPv6 Host Configuration of DNS Server     July 2004 
 
 
   This draft has greatly benefited from inputs by David Meyer, Rob 
   Austein, Tatuya Jinmei, Pekka Savola, Tim Chown, Luc Beloeil, 
   Christian Huitema, and Thomas Narten.  The authors appreciate their
   contribution. 
    
8. Normative References 
    
   [1]  S. Bradner, "Intellectual Property Rights in IETF Technology",
        RFC 3668, February 2004.  
    
   [2]  S. Bradner, "IETF Rights in Contributions", RFC 3667, February
        2004. 
    
   [3]  T. Narten, E. Nordmark and W. Simpson, "Neighbor Discovery for
        IP Version 6 (IPv6)", RFC 2461, December 1998. 
    
   [4]  S. Thomson and T. Narten, "IPv6 Stateless Address 
        Autoconfiguration", RFC 2462, December 1998. 
    
   [5]  R. Droms et al., "Dynamic Host Configuration Protocol for IPv6
        (DHCPv6)", RFC 3315, July 2003. 
    
   [6]  R. Droms, "Stateless Dynamic Host Configuration Protocol 
        (DHCP) Service for IPv6", RFC 3736, April 2004. 
    
   [7]  R. Droms et al., "DNS Configuration options for Dynamic Host 
        Configuration Protocol for IPv6 (DHCPv6)", RFC 3646, December 
        2003. 
    
9. Informative References 
    
   [8]  J. Jeong, S. Park, L. Beloeil and S. Madanapalli, "IPv6 DNS 
        Discovery based on Router Advertisement", draft-jeong-dnsop-
        ipv6-dns-discovery-02.txt, July 2004. 
    
   [9]  M. Ohta, "Preconfigured DNS Server Addresses", draft-ohta-
        preconfigured-dns-01.txt, February 2004. 
    
   [10] S. Venaas and T. Chown, "Lifetime Option for DHCPv6", draft-
        ietf-dhc-lifetime-00.txt, March 2004. 
    
   [11] C. Partridge, T. Mendez and W. Milliken, "Host Anycasting 
        Service", RFC 1546, November 1993. 
    
   [12] R. Hinden and S. Deering, "Internet Protocol Version 6 (IPv6)
        Addressing Architecture", RFC 3513, April 2003. 
    

 
 
Jeong, et al.             Expires - January 2005             [Page 20] 
 
Internet-Draft     IPv6 Host Configuration of DNS Server     July 2004 
 
 
   [13] M. Lind et al., "Scenarios and Analysis for Introduction IPv6
        into ISP Networks", draft-ietf-v6ops-isp-scenarios-analysis-
        02.txt, April 2004. 
    
   [14] J. Arkko et al., "SEcure Neighbor Discovery (SEND)", draft-
        ietf-send-ndopt-05.txt, April 2004. 
    
   [15] R. Droms and W. Arbaugh, "Authentication for DHCP Messages", 
        RFC 3118, June 2001. 
    
   [16] J. Bound et al., "IPv6 Enterprise Network Scenarios", draft-
        ietf-v6ops-ent-scenarios-01.txt, February 2004. 
    
   [17] O. Troan and R. Droms, "IPv6 Prefix Options for Dynamic Host 
        Configuration Protocol (DHCP) version 6", RFC 3633, December 
        2003. 
    
   [18] M. Wasserman, Ed., "Recommendations for IPv6 in 3GPP     
        Standards", RFC 3314, September 2002. 
    
   [19] J. Soininen, Ed., "Transition Scenarios for 3GPP Networks", 
        RFC 3574, August 2003. 
    
   [20] J. Wiljakka, Ed., "Analysis on IPv6 Transition in 3GPP     
        Networks", draft-ietf-v6ops-3gpp-analysis-09.txt, March 2004. 
    
   [21] 3GPP TS 23.060 V5.4.0, "General Packet Radio Service (GPRS); 
        Service description; Stage 2 (Release 5)", December 2002. 
    
   [22] 3GPP TS 24.008 V5.8.0, "Mobile radio interface Layer 3 
        specification; Core network protocols; Stage 3 (Release 5)",
        June 2003. 
    
   [23] T. Chown, S. Venaas and A. Vijayabhaskar, "Renumbering  
        Requirements for Stateless DHCPv6", draft-ietf-dhc-stateless-
        dhcpv6-renumbering-00.txt, March 2004. 
    
   [24] C. Huitema et al., "Unmanaged Networks IPv6 Transition 
        Scenarios", RFC 3750, April 2004. 
    
10. Authors' Addresses 
    
   Jaehoon Paul Jeong, Editor 
   ETRI / PEC 
   161 Gajeong-dong, Yuseong-gu 
   Daejeon 305-350 
   Korea 
    
 
 
Jeong, et al.             Expires - January 2005             [Page 21] 
 
Internet-Draft     IPv6 Host Configuration of DNS Server     July 2004 
 
 
   Phone: +82 42 860 1664 
   Fax: +82 42 861 5404 
   EMail: paul@etri.re.kr 
    
   Ralph Droms 
   Cisco Systems 
   1414 Massachusetts Ave. 
   Boxboro, MA 01719 
   USA 
    
   Phone: +1 978 936 1674 
   EMail: rdroms@cisco.com 
    
   Robert M. Hinden 
   Nokia 
   313 Fairchild Drive 
   Mountain View, CA 94043 
   USA 
    
   Phone: +1 650 625 2004 
   EMail: bob.hinden@nokia.com 
    
   Ted Lemon 
   Nominum, Inc. 
   950 Charter Street 
   Redwood City, CA 94043 
   USA 
    
   EMail: Ted.Lemon@nominum.com 
    
   Masataka Ohta 
   Graduate School of Information Science and Engineering 
   Tokyo Institute of Technology 
   2-12-1, O-okayama, Meguro-ku 
   Tokyo 152-8552 
   Japan 
    
   Phone: +81 3 5734 3299 
   Fax: +81 3 5734 3299 
   EMail: mohta@necom830.hpcl.titech.ac.jp 
    
   Soohong Daniel Park 
   Mobile Platform Laboratory, SAMSUNG Electronics 
   416, Maetan-3dong, Paldal-gu, Suwon 
   Gyeonggi-Do 
   Korea 
    
   Phone: +82 31 200 4508 
 
 
Jeong, et al.             Expires - January 2005             [Page 22] 
 
Internet-Draft     IPv6 Host Configuration of DNS Server     July 2004 
 
 
   EMail: soohong.park@samsung.com 
    
   Suresh Satapati 
   Cisco Systems, Inc. 
   San Jose, CA 95134 
   USA 
    
   EMail: satapati@cisco.com 
    
   Juha Wiljakka 
   Nokia 
   Visiokatu 3 
   FIN-33720 TAMPERE 
   Finland 
    
   Phone: +358 7180 48372 
   EMail: juha.wiljakka@nokia.com 
    
Intellectual Property Statement 
    
   The following intellectual property notice is copied from RFC3668,
   Section 5. 
    
   The IETF takes no position regarding the validity or scope of any 
   Intellectual Property Rights or other rights that might be claimed 
   to pertain to the implementation or use of the technology described
   in this document or the extent to which any license under such 
   rights might or might not be available; nor does it represent that 
   it has made any independent effort to identify any such rights.  
   Information on the procedures with respect to rights in RFC 
   documents can be found in BCP 78 and BCP 79. 
    
   Copies of IPR disclosures made to the IETF Secretariat and any 
   assurances of licenses to be made available, or the result of an 
   attempt made to obtain a general license or permission for the use 
   of such proprietary rights by implementers or users of this 
   specification can be obtained from the IETF on-line IPR repository 
   at http://www.ietf.org/ipr. 
    
   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary 
   rights that may cover technology that may be required to implement 
   this standard.  Please address the information to the IETF at ietf-
   ipr@ietf.org. 
    
Full Copyright Statement 
    

 
 
Jeong, et al.             Expires - January 2005             [Page 23] 
 
Internet-Draft     IPv6 Host Configuration of DNS Server     July 2004 
 
 
   The following copyright notice is copied from RFC3667, Section 5.4.
   It describes the applicable copyright for this document. 
    
   Copyright (C) The Internet Society (2004).  This document is 
   subject to the rights, licenses and restrictions contained in BCP 
   78, and except as set forth therein, the authors retain all their 
   rights. 
    
   This document and the information contained herein are provided on 
   an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE 
   REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND 
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, 
   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT 
   THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR 
   ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A 
   PARTICULAR PURPOSE. 
    
Acknowledgement 
    
   Funding for the RFC Editor function is currently provided by the 
   Internet Society. 



























 
 
Jeong, et al.             Expires - January 2005             [Page 24]