renumbering and roaming

On Sun, 17 May 1998, Michael Dillon turned on his computer and typed:

On Sun, 17 May 1998, Michael K. Smith:

IMHO every dialup customer from every ISP in the world should use
192.168.254.1 for their DNS address and this number should be hard coded
as the default in all client software. Then this problem would go away.

If all ISPs agreed to use these addresses... say
- TWO resolvers, e.g. 192.168.254.1 and 192.168.253.1
- two mail relays, e.g. 192.168.254.5 and 192.168.253.5
- two news servers, e.g. ---254.9 and 253.9
- two ntp time servers
- etc etc

[the addresses chosen for /30 netmasks, I think that in my Monday morning
brain-state I got it right?]

And so on for "standard" services, then we could achieve global roaming SO
easily.

The number of times we've had customers roam elsewhere and then try
and use our mail relays when for spam reasons relaying is denied...

After several discussions, we came up with this solution that we think
works well to support standard services for roaming users:

Support a .local. root domain in your DNS servers. Examples of DNS
hostnames would be mail.local., ntp.local., news.local., etc. When a
roamer dials up he generally uses the DNS servers assigned by the NAS;
these addresses would be authoritative on a provider-by-provider
basis. If all networks supported this schema all users could simply
have these addresses coded into their client software and would
connect to the proper machines as they differ on various networks.

iPass is currently building an Internet-Draft specifying the details
of this approach. What do you think?

--Michael

Michael S. Fischer <otterley@iPass.COM>
Sr. Systems/Network Administrator, iPass Inc.
require Std::Disclaimer;
Voice: +1 650 944 0333 FAX: +1 650 237 7321
"There's a thin line between love and a crime and collaboration"

That doesn't work; too many of those things must be hard-coded numbers
(specifically, the DNS servers).

.LOCAL along with defined addresses, declared as "non-routable" (ie: local
only) *DOES* do the trick.

Support a .local. root domain in your DNS servers. Examples of DNS
hostnames would be mail.local., ntp.local., news.local., etc. When a
roamer dials up he generally uses the DNS servers assigned by the NAS;

I did think of this a while ago, and nearly proposed it on NANOG, because at
first it seems stunningly simple and trivial, but then...
a) if you have separate resolvers to nameservers (former being just caches
with no primary/secondary domains hosted, thus avoiding downtime during
reloading), you don't want to pollute your resolvers
b) the client needs to have a starting point for his/her resolvers, i.e. an
IP address, which you want on YOUR network not their home ISP's, and if they
carry their resolver configuration over...

So, although I think it's not a bad idea, there are significant snags, but a
lot can be done with this.

If the IP addresses were fixed, or at least for a pair of resolvers, perhaps
each ISP should have appropriate reverse DNS set up, e.g.
relay1.mail.uk.psinet.LOCAL, so that internal traffic and email headers made
sense, otherwise it'd make spammers' life a lot easier.

these addresses would be authoritative on a provider-by-provider
basis. If all networks supported this schema all users could simply
have these addresses coded into their client software and would
connect to the proper machines as they differ on various networks.

Yes, each ISP would hack their systems to have their own "root" nameserver for
.local, and be authoritative for the forward and reverse.

iPass is currently building an Internet-Draft specifying the details
of this approach. What do you think?

I'll confess to not being a big fan of the way iPass works... good idea, but
the implementation is not as sophisticated as I'd like (we are a partner and
use an adapted anti-spam toolkit etc for our mail relays).

Paul
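
The addressing idea discussed in this thread, as an added example that is not part of any of the original messages: it checks that each quoted address is a usable host in its own /30 and builds the forward and reverse `.local.` records one provider would serve. The `dns` service label, the `example-isp` provider label and the per-host naming scheme are assumptions made for the example.

```python
import ipaddress

# Addresses quoted in the thread. The service labels and the provider
# label passed to local_records() are constructed for this example.
WELL_KNOWN = {
    "dns":  ("192.168.254.1", "192.168.253.1"),
    "mail": ("192.168.254.5", "192.168.253.5"),
    "news": ("192.168.254.9", "192.168.253.9"),
}

def slash30(addr):
    """Return the /30 containing addr; reject network/broadcast addresses."""
    ip = ipaddress.ip_address(addr)
    net = ipaddress.ip_network(f"{addr}/30", strict=False)
    if ip in (net.network_address, net.broadcast_address):
        raise ValueError(f"{addr} is not a usable host in {net}")
    return net

def check_plan(plan=WELL_KNOWN):
    """Map each /30 to the service using it; fail if two services share one."""
    owner = {}
    for service, addrs in plan.items():
        for addr in addrs:
            net = slash30(addr)
            if owner.setdefault(net, service) != service:
                raise ValueError(f"{net} shared by {owner[net]} and {service}")
    return owner

def local_records(provider, plan=WELL_KNOWN):
    """Forward A and matching PTR records for one provider's .local view."""
    forward, reverse = [], []
    for service, addrs in plan.items():
        for n, addr in enumerate(addrs, start=1):
            # Generic name for roaming clients, plus a provider-specific
            # name (hypothetical scheme) so PTRs and mail headers identify
            # which network actually handled the traffic.
            specific = f"{service}{n}.{provider}.local."
            forward.append((f"{service}.local.", "A", addr))
            forward.append((specific, "A", addr))
            ptr = ipaddress.ip_address(addr).reverse_pointer + "."
            reverse.append((ptr, "PTR", specific))
    return forward, reverse

if __name__ == "__main__":
    for net, service in check_plan().items():
        print(f"{net}\t{service}")
    fwd, rev = local_records("example-isp")
    for name, rtype, value in fwd + rev:
        print(f"{name}\tIN\t{rtype}\t{value}")
```
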