[Ietf-not43] #6 inetDnsDomain objects and 2251 referrals
Andrew Newton
anewton at ecotroph.net
Mon Aug 18 17:27:33 EDT 2003
#6 inetDnsDomain objects and 2251 referrals
From draft-ietf-crisp-firs-dns-02 Section 4 paragraph 1:
> If an entry exists as a
> referral source, the entry MUST also be defined with the referral
> object class, in addition to the above requirements.
Most of the attributes described are strings, but the attributes for the
registry and registrar seem to be LDAP URL referrals... so this would
seem to apply in that the objectclass would be of inetDnsDomain and
referral. Did I get the correct?
Anyway, I think this will cause problems after reading RFC 2251.
From RFC 2251 Section 4.5.3 Paragraph 2:
> In the absence of indexing information provided to a server from
> servers holding subordinate naming contexts, SearchResultReference
> responses are not affected by search filters and are always returned
> when in scope.
Scope, in this sense, is base object, one level, or subtree.
The problem, as I see it, is that there will be policy limits on the
number of entries. So, let's say that I have 200 entries beneath dc=com
and limit of 50 results per query. And let's say that 100 of them have
referrals in them (to the registry or registrar or both). If I do a
subtree or one-level search at dc=com, the response will be filled up
with the first 50 entries because they have referrals that are in scope.
This is true even if the search filter says only give me back domains
hosted by nameserver ns1.example.com.
It would seem that the referrals eat up the response even when they
aren't appropriate to hand back.
-andy
More information about the Ietf-not43
mailing list