Re: [Add] [ietf-wg-add/draft-ietf-add-ddr] Clarifying IP hint behavior (#12)

Ben Schwartz <bemasc@google.com> Wed, 24 March 2021 02:25 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/add/-WpSY36dua8eLM276eZ9Ujvx4HQ>

Erik,

That's interesting and relevant to a different conversation about SVCB, but
I don't think it matters here.  In the case of this PR, the name being
resolved is the Special Use Domain Name "_dns.resolver.arpa", i.e. there is
no authoritative server, and the answer is being synthesized locally by the
recursive resolver.  ECS is therefore irrelevant.

Things get slightly more interesting in the case of "Discovery Using
Resolver Names" (Section 5), but in that case the usual guidance from SVCB
applies: if you set TargetName to the base name (i.e. $RESOLVER_NAME), the
client will query the relevant A and AAAA records in parallel, so there's
no reliance on Additional sections.

On Tue, Mar 23, 2021 at 8:17 PM Erik Kline <ek.ietf@gmail.com> wrote:

> If geolocality applies to the IP addresses being returned, putting them in
> the Additional section would (I think) actually exclude EDNS Client Subnet
> usage.
>
> From RFC 7871 section 7.3.1:
>
>    Note that the Additional and Authority sections from a DNS response
>    message are specifically excluded here.  Any records from these
>    sections MUST NOT be tied to a network.
>
> On Tue, Mar 23, 2021 at 9:39 AM Tommy Pauly <tpauly=
> 40apple.com@dmarc.ietf.org> wrote:
>
>>
>>
>> On Mar 23, 2021, at 9:21 AM, Tommy Jensen <
>> Jensen.Thomas=40microsoft.com@dmarc.ietf.org> wrote:
>>
>> Thank you for the feedback, Ben, and for the indirect reminder to bring
>> the PR to the list.
>>
>> What does the list think re: SHOULD include IP hints versus SHOULD NOT in
>> favor of A/AAAA records? The full text changes I am proposing to address
>> Issue #2 and #5 can be found here: Clarifying IP hint behavior by
>> mstojens · Pull Request #12 · ietf-wg-add/draft-ietf-add-ddr (github.com)
>> <https://github.com/ietf-wg-add/draft-ietf-add-ddr/pull/12/files>
>>
>>
>>
>> If the A and AAAA are in the additional section, that’s good too. As long
>> as we say that the SVCB, A, and AAAA information should all come in one
>> response, that’s fine with me. I’d suggest wording it to clarify that
>> that’s the intent, and to prefer the use of an additional section, but
>> mention hints too.
>>
>> Tommy
>>
>>
>> Thanks,
>> Tommy
>>
>> *From:* Benjamin M. Schwartz <notifications@github.com>
>> *Sent:* Monday, March 22, 2021 6:46 PM
>> *To:* ietf-wg-add/draft-ietf-add-ddr <
>> draft-ietf-add-ddr@noreply.github.com>
>> *Cc:* Tommy Jensen <Jensen.Thomas@microsoft.com>; Author <
>> author@noreply.github.com>
>> *Subject:* Re: [ietf-wg-add/draft-ietf-add-ddr] Clarifying IP hint
>> behavior (#12)
>>
>>
>> I think we should invert this advice. We should recommend *not* including
>> IP hints, and instead instruct recursive resolvers to append the relevant A
>> and AAAA records in the Additional Section.
>>
>> The IP hints are strictly a performance hack when using a legacy *non*-SVCB-aware
>> recursive resolver. This text is specifically applicable only to SVCB-aware
>> recursive resolvers, so we can tell them to do it the right way instead.
>>
>> --
>> Add mailing list
>> Add@ietf.org
>> https://www.ietf.org/mailman/listinfo/add
>>
>
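An added example, not part of the thread or of the draft text: a client-side sketch of the three address sources discussed above for a DDR SVCB answer (A/AAAA in the Additional section, the `ipv4hint`/`ipv6hint` SvcParams, and follow-up A/AAAA queries for the TargetName). The `RR` and `SVCB` classes, the preference order and all sample names and addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class RR:                      # hypothetical stand-in for a parsed A/AAAA record
    name: str
    rtype: str                 # "A" or "AAAA"
    rdata: str

@dataclass
class SVCB:                    # hypothetical stand-in for a parsed SVCB record
    owner: str
    target: str
    params: dict = field(default_factory=dict)

def _norm(name):
    # Compare DNS names case-insensitively and without the trailing dot.
    return name.rstrip(".").lower()

def _valid(addr, version):
    # Accept only a syntactically valid address of the expected family.
    try:
        return ipaddress.ip_address(addr).version == version
    except ValueError:
        return False

def address_candidates(svcb, additional):
    """Return (source, addresses) for the SVCB TargetName.

    source is "additional", "hint", or "query"; "query" means the client
    must resolve A and AAAA for the TargetName itself.
    """
    # In SVCB ServiceMode a TargetName of "." stands for the owner name.
    target = _norm(svcb.owner if svcb.target == "." else svcb.target)
    family = {"A": 4, "AAAA": 6}
    # 1. Additional-section records, used only when owned by the TargetName;
    #    records for any other name are ignored rather than trusted.
    addrs = [rr.rdata for rr in additional
             if rr.rtype in family and _norm(rr.name) == target
             and _valid(rr.rdata, family[rr.rtype])]
    if addrs:
        return "additional", addrs
    # 2. IP hints carried inside the SVCB record itself.
    hints = [a for key, ver in (("ipv4hint", 4), ("ipv6hint", 6))
             for a in svcb.params.get(key, []) if _valid(a, ver)]
    if hints:
        return "hint", hints
    # 3. Nothing usable in this response.
    return "query", []

# Constructed sample data (documentation address ranges, made-up resolver name).
SAMPLE_SVCB = SVCB("_dns.resolver.arpa", "doh.example.net",
                   {"alpn": ["h2"], "ipv4hint": ["192.0.2.53"]})
SAMPLE_ADDITIONAL = [RR("doh.example.net.", "A", "192.0.2.53"),
                     RR("DoH.Example.Net", "AAAA", "2001:db8::53"),
                     RR("other.example.net", "A", "198.51.100.1")]
```
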