
nanog mailing list archives

Re: Domain names for ISP infrastructure links
From: Matthew Petach <mpetach () netflight com>
Date: Wed, 8 Jan 1997 00:54:30 -0800 (PST)


That may sound silly, but there's a merit in the
idea that domain names can successfully replace the
SNMP's object IDs.  SNMP and DNS then become the same
protocol.

In fact, all protocols requiring exchange of some request
and getting some reply from a uniquely named object can
be made a particular case of a generic protocol.   There's
no reason for Internet to be a hodge-podge of specialized
kludges.   In most cases, it only takes an ability for DNS
to "hand off" the continuation of name resolution to
application programs.

This isn't that far-fetched, actually; look at all the
fun you can have with the Hesiod class, or look at how
contact info is stored in DNS within the reverse address
blocks for the MAEs.

Even such wonderful things as password files can 
be distributed that way, or POP mailbox 
locations; for example, my SO works at an
institution that distributes mail for 40,000+ users
among 12 mail hubs by querying TXT records out of DNS.
It's fast, it caches well, it scales beautifully, and
best of all, it didn't require a whole new protocol!

In fact, the password file entries for all 40,000 users 
are also retrievable via simple DNS queries, so that
building up customized /etc/passwd files on remote 
machines is a simple task.  And no, they're not silly
enough to put the encrypted password in the DNS entry;
since they use Kerberos, that field is left with an
invalid string (they could even have put fake encrypted
entries, just to torment would-be hackers), and the
actual authentication is done via encrypted Kerberos calls.

The mailbox lookups, alias expansions, and forwarding
info are done via hesinfo lookups that are standard in
Sendmail 8.8.x, no local hacks needed.  The only step
that would make things even cooler would be having
the getpw* calls modified in the system libraries to
do the DNS queries directly to get user IDs, home
directories, and the like, rather than having to
dump them periodically to the flat /etc/passwd
files.

Sorry, didn't mean to rant so much; it's just that
when you get right down to it, the DNS hierarchical
naming system can be used to store so many other
forms of information beyond just the plain and
boring hostnames that most of us use it for right
now.   It's a shame it's so underutilized.

Time to hop off my soapbox now...

Matt Petach

See -- I don't think everything Plan 9-ish is pure crap.

--vadim

From: John Curran <jcurran () bbnplanet com>

No...  we're going to mandate OID-style router names
for the world's Internet providers:  

  <isoc-tree>.<internet-infrastructure branch>.
  <iso country code>.<city ordinal>.<provider #>.
  <facility #>.<rack #>.<shelf #>.<router ordinal>

Great fun to watch (it could be happening this way
in the alternate universe next door.)

;-)
/John  
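
An added example, not part of the original message or of the site's setup it describes: checking passwd entries fetched from DNS TXT records before they are dumped into a flat /etc/passwd, since the DNS answers are only as trustworthy as the resolver path. It assumes the TXT payload is the seven colon-separated passwd fields; the function names, placeholder set, UID floor, shell allowlist and sample records are all constructed for illustration.

```python
import re

# Assumed site policy (hypothetical values, not from the original message).
PLACEHOLDERS = {"*", "x", "!"}          # markers meaning "no hash stored here"
MIN_UID = 1000                          # never accept system accounts from DNS
SHELLS = {"/bin/sh", "/bin/csh", "/sbin/nologin"}
NAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")
NUM_RE = re.compile(r"[0-9]{1,9}")

def validate_passwd_txt(txt, queried):
    """Return the passwd line if the TXT payload is safe, else raise ValueError."""
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in txt):
        raise ValueError("control character (possible line injection)")
    fields = txt.split(":")
    if len(fields) != 7:
        raise ValueError("expected 7 fields, got %d" % len(fields))
    name, pw, uid, gid, _gecos, home, shell = fields
    if name != queried or not NAME_RE.fullmatch(name):
        raise ValueError("login does not match the name queried")
    if pw not in PLACEHOLDERS:
        raise ValueError("password field is not a placeholder")
    if not (NUM_RE.fullmatch(uid) and NUM_RE.fullmatch(gid)):
        raise ValueError("non-numeric uid or gid")
    if int(uid) < MIN_UID:
        raise ValueError("uid below site minimum")
    if not home.startswith("/") or ".." in home.split("/") or shell not in SHELLS:
        raise ValueError("home or shell outside policy")
    return txt

def build_passwd(records):
    """records maps queried login -> TXT string; returns (lines, rejected)."""
    lines, rejected = [], {}
    for login in sorted(records):
        try:
            lines.append(validate_passwd_txt(records[login], login))
        except ValueError as exc:
            rejected[login] = str(exc)
    return lines, rejected

# Constructed sample answers, as if returned for <login>.passwd lookups.
SAMPLE = {
    "alice": "alice:*:5001:100:Alice Example:/home/alice:/bin/sh",
    "bob": "bob:*:0:0:Bob:/root:/bin/sh",
    "carol": "carol:$1$abcdefgh$0123456789abcdefghijkl:5003:100:C:/home/carol:/bin/sh",
    "dave": "dave:*:5004:100:D:/home/dave:/bin/sh\nroot2:*:0:0::/:/bin/sh",
}
```

Rejected entries are worth logging with the resolver that supplied them, since a record carrying a real hash or a UID of 0 points at either a zone mistake or a tampered answer.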

