HTTP/1.1 200 OK Date: Tue, 09 Apr 2002 11:31:10 GMT Server: Apache/1.3.20 (Unix) Last-Modified: Tue, 21 Feb 1995 23:00:00 GMT ETag: "3dd9eb-1fbc-2f4a7070" Accept-Ranges: bytes Content-Length: 8124 Connection: close Content-Type: text/plain Network Working Group W A Simpson Internet Draft Daydreamer expires in six months February 1995 ICMP Domain Name Messages draft-simpson-icmp-domain-name-00.txt Status of this Memo This document is an independent submission. Comments should be submitted to the namedroppers@internic.net mailing list. Distribution of this memo is unlimited. This document is an Internet-Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months, and may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material, or to cite them other than as a ``working draft'' or ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the internet-drafts Shadow Directories on: ftp.is.co.za (Africa) nic.nordu.net (Europe) ds.internic.net (US East Coast) ftp.isi.edu (US West Coast) munnari.oz.au (Pacific Rim) Abstract This document specifies ICMP messages for learning the Fully Qualified Domain Name of a target, without laborious maintainance and searching of an "inverse" DNS tree. Simpson expires in six months [Page i] DRAFT ICMP Domain Name February 1995 1. Introduction The Domain Name System (DNS) is described in [RFC-1034]. The IN-ADDR domain of the DNS is specified [RFC-1035] to perform address to domain name mapping, and to facilitate queries to locate all gateways (routers) on a particular network in the Internet. Neither function has been remarkably successful. The IN-ADDR domain is not reliably populated. As multiple routers were used at the boundaries and within networks, the IN-ADDR mechanism was found to be inadequate. The location of routers by hosts is now performed using "ICMP Router Discovery Messages" [RFC-1256]. As network numbers migrated to "classless" routing and aggregation, the IN-ADDR delegation granularity has fragmented, and requires overlapping administration. This structure is not amenable to cooperative secure updating. As application servers have appeared which require the Domain Name for user interaction and security logging, the IN-ADDR servers have been inundated with queries. This produces long user visible pauses at the initiation of sessions. Instead, this document proposes that each computer be queried directly for its Domain Name. This has the advantages that the mapping is under the same administration as the address assignment, and the queries are distributed in the same fashion as IP routing. In effect, the routing is used to index the mapping database. The datagram format and basic facilities are already defined for ICMP [RFC-792]. Up-to-date values of the ICMP Type field are specified in the most recent "Assigned Numbers" [RFC-1700]. This document concerns the following values: 37 Domain Name Request 38 Domain Name Reply Simpson expires in six months [Page 1] DRAFT ICMP Domain Name February 1995 1.1. Domain Name Request +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Type 37 Code 0 Checksum The ICMP Checksum. Identifier If Code is zero, a value to aid in matching requests and replies. For example, it might be used like a port in TCP or UDP to identify a session. May be zero. Sequence Number If Code is zero, a value to aid in matching requests and replies. For example, the number might be incremented on each request sent. May be zero. A separate Domain Name Request is used for each IP Destination queried. An ICMP Domain Name Request received with a broadcast or multicast Destination MUST be silently discarded. Simpson expires in six months [Page 2] DRAFT ICMP Domain Name February 1995 1.2. Domain Name Reply +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Names ... +-+-+-+-+-+-+-+- Type 38 Code 0 Checksum The ICMP Checksum. Identifier Copied from the request. Sequence Number Copied from the request. Names zero or more Fully Qualified Domain Names. The length of this field is determined from the total length of the datagram. Each name is expressed as a sequence of labels. Each label is represented as a one octet length field, followed by that number of octets. Since every domain name ends with the null label of the root, a domain name is terminated by a length byte of zero. The high order two bits of every length octet must be zero, and the remaining six bits of the length field limit the label to 63 octets or less. To simplify implementations, the total length of a domain name (including label octets and label length octets) is restricted to 255 octets or less. The Source in a Reply MUST be the same as the Destination of the corresponding Request message. Every host and router MUST implement an ICMP Domain Name server function that receives Domain Name Requests and sends corresponding Domain Name Replies. A host SHOULD also implement an application- layer interface for sending a Domain Name Request and receiving a Domain Name Reply, for diagnostic purposes. Simpson expires in six months [Page 3] DRAFT ICMP Domain Name February 1995 Security Considerations A primary purpose of this specification is to provide a mechanism for updating and learning address to domain name mapping which is more secure than IN-ADDR mapping. Although the routing infrastructure to the Destination does not provide security in and of itself, it is as least as reliable as delivery of correspondence for the other sessions with the same peer. Although the peer might not be accurate in its reply, this mechanism is amenable to establishment of Security Associations for authentication and privacy. References [RFC-792] [RFC-1034] [RFC-1035] [RFC-1256] [RFC-1700] Author's Address Questions about this memo can also be directed to: William Allen Simpson Daydreamer Computer Systems Consulting Services 1384 Fontaine Madison Heights, Michigan 48071 Bill.Simpson@um.cc.umich.edu bsimpson@MorningStar.com Simpson expires in six months [Page 4]