Requirements for Management of Name Servers for the DNS
draft-ietf-dnsop-name-server-management-reqs-05

[Ballot discuss]
[re-send with slightly revised proposed text]

I had a little trouble with the scope of this document.  In the Introduction, there are two paragraphs that identify
issues that are out of scope.  Would it be accurate to insert the following sentence (perhaps immediately before
"Also out scope ..."  ???

    This document only discusses requirements for managing the
    name server component of a system and does not address
    management of individual RRsets within a zone.

This would highlight the difference in scope from DDNS, AXFR, and IXFR which seem to be viewed as offering
complementary functionality...

[Ballot discuss]
I had a little trouble with the scope of this document.  In the Introduction, there are two paragraphs that identify
issues that are out of scope.  Would it be accurate to insert the following sentence (perhaps immediately before
"Also out scope ..."  ???

    This document only discusses requirements for managing the
    name server component of a system and does not address
    management of zone data.

This would highlight the difference in scope from DDNS, AXFR, and IXFR which seem to be viewed as offering
complementary functionality...

[Ballot comment]
These comments from a review by Ari Keränen may be considered:

3.3.  Monitoring Requirements

    o  Number of requests sent, responses sent, average response latency
      and other performance counters

Even if these are only examples, I'd add "number of errors" to the list.

3.4.  Alarm and Event Requirements

Here, regarding the previous comment, I'd add "number of errors exceeds
some threshold".

[Ballot discuss]
This is a comprehensive and important document. Before casting a 'Yes' vote I would like to see some of the requirements clarified so that this document can be used in an efficient manner as a reference for the design or selection of protocols that would implement a management solution.

1. Section 2.1.3

> The solution MUST support servers that remain fairly
  statically configured over time

Please explain what 'fairly statically congigured' means

2. Section 2.1.4

> Multiple protocols might be used to create the complete management
  solution, but the number of protocols used SHOULD be reduced to a
  reasonable minimum number.

The usage of a keyword is discutable here, and actually the requirement is discutable, What is a 'reasonable minimum number'? I think this requirement should be elimintated and the discussion moved to the introduction sections.

3. Section 2.1.6

> However, the impact to the
  existing DNS service MUST be minimized

This is too vague and too general. What is an acceptable operational impact when upgrading a system to add the management solution?

4. Section 3.2.1

>  the
  management system SHOULD still be able to natively create a new zone
  (with enough minimal data to allow the other mechanisms to function
  as well) as well as delete a zone.  This might be, for example, a
  management operation that at least allows for the creation of the
  initial SOA record for a new zone as that's the minimum amount of
  zone data needed for the other operations to function.

Please explain what 'natively' means in this context. Please explain what a 'SOA record' is.

[Ballot comment]
Section 1., paragraph 2:
>    Previous standardization work within the IETF resulted in the
>    creation of two SNMP MIB modules [RFC1611] [RFC1612] but they failed
>    to achieve significant implementation and deployment.  The perceived
>    reasons behind the failure for the two MIB modules are further
>    documented in [RFC3197].

  Should we move these two MIB modules [RFC1611][RFC1612] to Historic?


Section 2.1.1., paragraph 1:
>    The management solution MUST support both name servers that are
>    serving a small number of potentially very large zones (e.g.  Top
>    Level Domains (TLDs)) as well as name servers that are serving a very
>    large number of small zones.  Both deployment scenarios are common.

  Plus, obviously, name servers that lie somewhere in between these
  extremes.


Section 2.1.2., paragraph 1:
>    Large enterprise network deployments may contain multiple name
>    servers operating within the boundaries of the enterprise network.
>    These name servers may each be serving multiple zones both in and out
>    of the parent enterprise's zone.  Finding and managing a large
>    numbers of name servers would be a useful feature of the resulting
>    management solution.  The management solution MAY support the ability
>    to discover previously unknown instances of name servers operating
>    within a deployed network.

  Clarification question: Do you mean discovery of "rogue" name servers
  that are *not* somehow discoverable based on information in the zones
  themselves? I.e. discovery mechanisms to probe the network, rather
  than analyze zone information?


Section 3.1.1., paragraph 6:
>    o  Restarting the name server

  Restarting seems redundant if stopping and starting are supported.

[Ballot discuss]
Section 2.1.4., paragraph 1:
>    There are many requirements in this document for many different types
>    of management operations (see Section 3 for further details).  It is
>    possible that no one protocol will ideally fill all the needs of the
>    requirements listed in this document and thus multiple protocols
>    might be needed to produce a completely functional management system.
>    Multiple protocols might be used to create the complete management
>    solution, but the number of protocols used SHOULD be reduced to a
>    reasonable minimum number.

  DISCUSS: I'd like to discuss this requirement with the ADs on the
  call. I believe the benefits of a single protocol - even though it may
  not be ideal for all cases - is much preferable to a multitude of
  protocols. We should try real hard to come up with a single protocol
  here.


Section 3.4., paragraph 0:
> 3.4.  Alarm and Event Requirements

  DISCUSS: I'd like to discuss this aspect with the ADs on the call. I
  don't see why this needs to be in scope of the management protocol.
  *Monitoring* needs to be supported, but if and how alarms are raised
  based on the monitored data seems very deployment specific.

PROTO write up for
======================================================================

(1.a) Who is the Document Shepherd for this document? Has the
Document Shepherd personally reviewed this version of the
document and, in particular, does he or she believe this
version is ready for forwarding to the IESG for publication?

Peter Koch is the shepherd for this document, has read the
latest version
and yes, I believe it is ready for publication.

(1.b) Has the document had adequate review both from key WG members
and from key non-WG members? Does the Document Shepherd have
any concerns about the depth or breadth of the reviews that
have been performed?

The document is the result of the work of a large group of people,
many of which have contributed ideas and reviewed the draft.

(1.c) Does the Document Shepherd have concerns that the document
needs more review from a particular or broader perspective,
e.g., security, operational complexity, someone familiar with
AAA, internationalization or XML?

There are no such concerns.

(1.d) Does the Document Shepherd have any specific concerns or
issues with this document that the Responsible Area Director
and/or the IESG should be aware of? For example, perhaps he
or she is uncomfortable with certain parts of the document, or
has concerns whether there really is a need for it. In any
event, if the WG has discussed those issues and has indicated
that it still wishes to advance the document, detail those
concerns here. Has an IPR disclosure related to this document
been filed? If so, please include a reference to the
disclosure and summarize the WG discussion and conclusion on
this issue.

No.
There was no contention. The long delay between WGLC and this submission
is purely the fault of this document shepherd.

(1.e) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with
others being silent, or does the WG as a whole understand and
agree with it?

The document is the result of a design team work. Members of the team
represent a variety of operators, vendors and other interested parties.
The group consisted of 10-15 individuals.
Most people inside the WG who were interested in the topic have
contributed to the effort. The draft was last called in the WG
with some additional support.


(1.f) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in
separate email messages to the Responsible Area Director. (It
should be in a separate email because this questionnaire is
entered into the ID Tracker.)

No.

(1.g) Has the Document Shepherd personally verified that the
document satisfies all ID nits? (See the Internet-Drafts Checklist
and http://tools.ietf.org/tools/idnits/). Boilerplate checks are
not enough; this check needs to be thorough. Has the document
met all formal review criteria it needs to, such as the MIB
Doctor, media type and URI type reviews?

Yes, the draft meets requirements. It passed idnits 2.12.05.

(1.h) Has the document split its references into normative and
informative? Are there normative references to documents that
are not ready for advancement or are otherwise in an unclear
state? If such normative references exist, what is the
strategy for their completion? Are there normative references
that are downward references, as described in [RFC3967]? If
so, list these downward references to support the Area
Director in the Last Call procedure for them [RFC3967].

The references are split as required, the draft is aiming at Informational,
so there are no downrefs.

(1.i) Has the Document Shepherd verified that the document IANA
consideration section exists and is consistent with the body
of the document? If the document specifies protocol
extensions, are reservations requested in appropriate IANA
registries? Are the IANA registries clearly identified? If
the document creates a new registry, does it define the
proposed initial contents of the registry and an allocation
procedure for future registrations? Does it suggest a
reasonable name for the new registry? See [RFC5226]. If the
document describes an Expert Review process has Shepherd
conferred with the Responsible Area Director so that the IESG
can appoint the needed Expert during the IESG Evaluation?

This is a requirements document. No action or attention is required
of IANA for this document.

(1.j) Has the Document Shepherd verified that sections of the
document that are written in a formal language, such as XML
code, BNF rules, MIB definitions, etc., validate correctly in
an automated checker?

N/A

(1.k) The IESG approval announcement includes a Document
Announcement Write-Up. Please provide such a Document
Announcement Write-Up? Recent examples can be found in the
"Action" announcements for approved documents. The approval
announcement contains the following sections:

Technical Summary
Relevant content can frequently be found in the abstract
and/or introduction of the document. If not, this may be
an indication that there are deficiencies in the abstract
or introduction.

Management of name servers for the Domain Name System (DNS) has
traditionally been done using vendor-specific configuration and control
methods. Although some service monitoring platforms can test the
functionality of the DNS itself there is not an interoperable way to
manage (control, configure, and monitor) the internal aspects of a name
server itself.

This document discusses the requirements of a management system, protocol
or framework for name servers and can be used as a shopping list of
needed features for such a system.


Working Group Summary
Was there anything in WG process that is worth noting? For
example, was there controversy about particular points or
were there decisions where the consensus was particularly
rough?

The document represents the consensus of the Working Group.

Document Quality
Are there existing implementations of the protocol? Have a
significant number of vendors indicated their plan to
implement the specification? Are there any reviewers that
merit special mention as having done a thorough review,
e.g., one that resulted in important changes or a
conclusion that the document had no substantive issues? If
there was a MIB Doctor, Media Type or other expert review,
what was its course (briefly)? In the case of a Media Type
review, on what date was the request posted?

The document provides a set of requirements rather than a design of a protocol.
However, followup work has already been started within the IETF to develop a
framework based on this document.