[prop-038] proposal to amend apnic lame dns reverse delegation policy
DESCRIPTION
[prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy. Policy SIG 7 Sep 2006 APNIC 22, Kaohsiung, Taiwan Terry Manderson. Proposal. To make an editorial update to the definition of lameness for the APNIC lame delegation policy. Motivation. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/1.jpg)
1
[prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy
Policy SIG7 Sep 2006
APNIC 22, Kaohsiung, Taiwan
Terry Manderson
![Page 2: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/2.jpg)
2
Proposal
• To make an editorial update to the definition of lameness for the APNIC lame delegation policy
![Page 3: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/3.jpg)
3
Motivation
• Update the definition of ‘lame’ for– Best practice– RIR consistency
• Clarify the function of the policy
• APNIC has a preexisting lame policy
![Page 4: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/4.jpg)
4
Comparison
• prop-004-v001– Valid answer for SOA– SOA contents not checked
• prop-038– Valid answer for SOA– Authority bit (AA) set– SOA contents not checked
![Page 5: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/5.jpg)
5
Lame definition
• Using UDP query, a valid delegation is:– The delegated nameserver provides a valid
answer for the SOA record of the domain– Returned answer is authoritative (AA bit
set)
• Failure of any of the above checks is a lame state
• NOTE– SOA data consistency will still be
unchecked, ie. serial
![Page 6: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/6.jpg)
6
Benefits
• APNIC becomes consistent with– Best practice– RIR definition
• Flexibility to implement a member friendly procedure
• No adverse effect on members– Members already delegated this way
![Page 7: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/7.jpg)
7
Implementation
• 2 weeks after EC endorsement– Update operational procedure on the
APNIC website– Apply changes to DNS checking software
![Page 8: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/8.jpg)
8
Summary
• Seeking consensus from the community to update the definition of lameness for the APNIC lame delegation policy
![Page 9: [prop-038] Proposal to amend APNIC Lame DNS reverse delegation policy](https://reader036.vdocuments.us/reader036/viewer/2022082819/56813cec550346895da6981e/html5/thumbnails/9.jpg)