Re: A comment about RFC 3484 address selection

To: debian-ctte@lists.debian.org
Subject: Re: A comment about RFC 3484 address selection
From: Kurt Roeckx <kurt@roeckx.be>
Date: Tue, 25 Sep 2007 20:37:33 +0200
Message-id: <[🔎] 20070925183733.GA5667@roeckx.be>
Mail-followup-to: debian-ctte@lists.debian.org
In-reply-to: <[🔎] 20070925012109.GA30249@roeckx.be>
References: <[🔎] 20070924203416.GA26770@scowler.net> <[🔎] 20070925012109.GA30249@roeckx.be>

On Tue, Sep 25, 2007 at 03:21:09AM +0200, Kurt Roeckx wrote:
> 
> There are 2 ways to look at this.  One is from the point of people
> writing an application that connects to some server.  The other is from
> people running the servers.
> 
> There are dns server implementations that rotates the list of A-records,
> so that the load gets distributed over the servers.  People setting up
> that software know that, and rely on the behaviour.  They expect
> the client software to select a semi random IP address.

Nobody seems to have explained the different cases yet someone might
want to add several addresses to a hostname.  So I'm going to try and
sum up what I think are the use cases for it, and how rule 9 affects it.

- You might want to set up several servers in the same network segment,
  and all your clients are in the same segment too.  For instance
  you add 1.0.0.2 and 1.0.0.3.  All clients are in 1.0.0.0/24.

  In this case, there is no need for rule 9.  It might result in 
  clients prefering one over another in some cases, but it's probably
  not harmful.

- A simular case is that you have 2 segments, 1.0.0.0/24 and 1.0.1.0/24,
  and you add a 1.0.0.2 and 1.0.1.2.  Now you want clients to connect
  to the one from it's own segment, and fall back to the other if it
  fails.

  In this case rule 9 might be useful.  But I would rather see that this
  fall under rule 2 and/or 8, and that such address would be considered
  one with a site-local scope.  It could potentially also fall under
  rule 4.  It's also something that can perfectly be configured in the
  policy.

- You might want to have several server in the same network segment
  but have your clients in an other network segment.  For instance
  the servers are in 1.0.0.0/24 and the clients in 1.0.1.0/24.

  In this case rule 9 is not going to have any effect.

- Another example is that the servers are provided by different people,
  and they're spread over the internet.  There generally is no relation
  between the clients and the servers.

  This is the case were we have a problem with rule 9.  It tries to
  guess which network might be closer, and the guess doesn't really
  make sense in alot of cases.

- A last case is that you set it up with global and a private
  (site-local) address.

  This is already covered by rule 2 and rule 8.  I think in general
  setting things up that way doesn't make much sense.

So my conclusion is that rule 9 as it is now is only useful in 1 case,
and that in that case either one of the other rules should be used
instead, or the local policy modified.

Kurt

Reply to:

Follow-Ups:
- Re: A comment about RFC 3484 address selection
  - From: Florian Weimer <fw@deneb.enyo.de>

References:
- [Juliusz.Chroboczek@pps.jussieu.fr: Re: A comment about RFC 3484 address selection]
  - From: Clint Adams <schizo@debian.org>
- Re: [Juliusz.Chroboczek@pps.jussieu.fr: Re: A comment about RFC 3484 address selection]
  - From: Kurt Roeckx <kurt@roeckx.be>

Prev by Date: Re: [Juliusz.Chroboczek@pps.jussieu.fr: Re: A comment about RFC 3484 address selection]
Next by Date: Re: glibc's getaddrinfo() sort order
Previous by thread: Re: [Juliusz.Chroboczek@pps.jussieu.fr: Re: A comment about RFC 3484 address selection]
Next by thread: Re: A comment about RFC 3484 address selection
Index(es):
- Date
- Thread