Internet Engineering Task Force Akira Kato, WIDE
INTERNET-DRAFT Paul Vixie, ISC
Expires: August 24, 2003 February 24, 2003
Operational Guidelines for "local" zones in the DNS
draft-kato-dnsop-local-zones-00.txt
Status of this Memo
This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as ``work in progress.''
To view the list Internet-Draft Shadow Directories, see http://www.ietf.org/shadow.html.
Distribution of this memo is unlimited.
The internet-draft will expire in 6 months. The date of expiration will be August 24, 2003.
Abstract
A large number of DNS queries regarding to the "local" zones are sent over the Internet in every second. This memo describes operational guidelines to reduce the unnecessary DNS traffic as well as the load of the Root DNS Servers.
- Introduction
While it has yet been described in a RFC, .local is used to provide a local subspace of the DNS tree. Formal delegation process has not been completed for this TLD. In spite of this informal status, .local has been used in many installations regardless of the awareness of the users. Usually, the local DNS servers are not authoritative to the .local domain, they end up to send queries to the Root DNS Servers.
There are several other DNS zones which describe the "local" information. .localhost has been used to describe the localhost for more than a couple of decades and virtually all of the DNS servers are configured authoritative for .localhost and its reverse zone .127.in-
KATO Expires: August 24, 2003 [Page 1]
DRAFT DNS local zones February 2003
addr.arpa. However, there are other "local" zones currently used in the Internet or Intranets connected to the Internet through NATs or similar devices.
At a DNS server of an university in Japan, half of the DNS queries sent to one of the 13 Root DNS Servers were regarding to the .local. At another DNS Server running in one of the Major ISPs in Japan, the 1/4 were .local. If those "local" queries are able to direct other DNS servers than Root, or they can be resolved locally, it contributes the reduction of the Root DNS Servers.
2. Rationale
Any DNS queries regarding to "local" names should not be sent to the DNS servers on the Internet.
3. Operational Guidelines
Those queries should be processed at the DNS servers internal to each site so that the severs respond with NXDOMAIN rather than sending queries to the DNS servers outside.
The "local" names have common DNS suffixes which are listed below:
3.1. Local host related zones:
Following two zones are described in [Barr, 1996] and .localhost is also defined in [Eastlake, 1999] .
- .localhost
- .127.in-addr.arpa
Following two zones are for the loopback address in IPv6 [Hinden, 1998] . While the TLD for IPv6 reverse lookup is .arpa as defined in [Bush, 2001] , the old TLD .int has been used for this purpose for years [Thomson, 1995] and many implementations still use .int. So it is suggested that both zones should be provided for each IPv6 reverse lookup zone for a while.
- 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.int
- 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa
3.2. Locally created name space
While the use of .local has been proposed in several Internet-Drafts, it has not been described in any Internet documents with formal status. However, the amount of the queries for .local is much larger than others, it is suggested to resolve the following zone locally:
KATO Expires: August 24, 2003 [Page 2]
DRAFT DNS local zones February 2003
- .local
3.3. Private or site-local addresses
The following IPv4 "private" addresses [Rekhter, 1996] and IPv6 sitelocal addresses [Hinden, 1998] should be resolved locally:
- 10.in-addr.arpa
- 16.172.in-addr.arpa
- 17.172.in-addr.arpa
- 18.172.in-addr.arpa
- 19.172.in-addr.arpa
- 20.172.in-addr.arpa
- 21.172.in-addr.arpa
- 22.172.in-addr.arpa
- 23.172.in-addr.arpa
- 24.172.in-addr.arpa
- 25.172.in-addr.arpa
- 26.172.in-addr.arpa
- 27.172.in-addr.arpa
- 28.172.in-addr.arpa
- 29.172.in-addr.arpa
- 30.172.in-addr.arpa
- 31.172.in-addr.arpa
- 168.192.in-addr.arpa
- c.e.f.ip6.int
- d.e.f.ip6.int
- e.e.f.ip6.int
- f.e.f.ip6.int
- c.e.f.ip6.arpa
- d.e.f.ip6.arpa
- e.e.f.ip6.arpa
- f.e.f.ip6.arpa
3.4. Link-local addresses
The link-local address blocks for IPv4 [IANA, 2002] and IPv6 [Hinden, 1998] should be resolved locally:
- 254.169.in-addr.arpa
- 8.e.f.ip6.int
- 9.e.f.ip6.int
- a.e.f.ip6.int
- b.e.f.ip6.int
- 8.e.f.ip6.arpa
- 9.e.f.ip6.arpa
- a.e.f.ip6.arpa
- b.e.f.ip6.arpa
KATO Expires: August 24, 2003 [Page 3]
DRAFT DNS local zones February 2003
4. Suggestions to developers
4.1. Suggestions to DNS software implementors
In order to avoid unnecessary traffic, it is suggested that DNS software implementors provide configuration templates or default configurations so that the names described in the previous section are resolved locally rather than sent to other DNS servers in the Internet.
4.2. Suggestions to developers of NATs or similar devices
There are many NAT or similar devices available in the market. Regardless of the availability of DNS Servers in those devices, it is suggested that those devices are able to filter the DNS traffic or respond to the DNS traffic related to "local" zones by configuration regardless of its ability of DNS service. It is suggested that this functionality is activated by default.
5. IANA Consideration
While .local TLD has yet defined officially, there are substantial queries to the Root DNS Servers as of writing. About 1/4 to 1/2% of the traffic sent to the Root DNS Servers are related to the .local zone. Therefore, while it is not formally defined, it is suggested that IANA delegates .local TLD to an organization.
The AS112 Project [Vixie, ] serves authoritative DNS service for RFC1918 address and the link-local address. It has several DNS server instances around the world by using BGP Anycast [Hardie, 2002] . So the AS112 Project is one of the candidates to host the .local TLD.
Authors' addresses
Akira Kato
The University of Tokyo, Information Technology Center
2-11-16 Yayoi Bunkyo
Tokyo 113-8658, JAPAN
Tel: +81 3-5841-2750
Email: kato@wide.ad.jp
Paul Vixie
Internet Software Consortium
950 Charter Street
Redwood City, CA 94063, USA
Tel: +1 650-779-7001
Email: vixie@isc.org
KATO Expires: August 24, 2003 [Page 4]
DRAFT DNS local zones February 2003
References
To be filled
References
Barr, 1996.
D. Barr, "Common DNS Operational and Configuration Errors" in RFC1912
(February 1996).
Eastlake, 1999.
D. Eastlake, "Reserved Top Level DNS Names" in RFC2606 (June 1999).
Hinden, 1998.
R. Hinden and S. Deering, "IP Version 6 Addressing Architecture" in
RFC2373 (July 1998).
Bush, 2001.
R. Bush, "Delegation of IP6.ARPA" in RFC3152 (August 2001).
Thomson, 1995.
S. Thomson and C. Huitema, "DNS Extensions to support IP version 6" in
RFC1886 (December 1995).
Rekhter, 1996.
Y. Rekhter, B. Moskowitz, D. Karrenberg, G. J. de Groot, and E. Lear,
"Address Allocation for Private Internets" in RFC1918 (February 1996).
IANA, 2002.
IANA, "Special-Use IPv4 Addresses" in RFC3330 (September 2002).
Vixie, .
P. Vixie, "AS112 Project" in AS112. http://www.as112.net/.
Hardie, 2002.
T. Hardie, "Distributing Authoritative Name Servers via Shared Unicast
Addresses" in RFC3258 (April 2002).
KATO Expires: August 24, 2003 [Page 5]