[dnsext] Slamming the TCP door, was Re: Fwd: New Version Notification for draft-ah-dnsext-rfc1995bis-ixfr-02
Shane Kerr <shane@isc.org> Mon, 20 June 2011 12:14 UTC
Return-Path: <shane@isc.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C954011E807A for <dnsext@ietfa.amsl.com>; Mon, 20 Jun 2011 05:14:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RdDK-QP+ZE4x for <dnsext@ietfa.amsl.com>; Mon, 20 Jun 2011 05:14:20 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) by ietfa.amsl.com (Postfix) with ESMTP id 3EF1511E8078 for <dnsext@ietf.org>; Mon, 20 Jun 2011 05:14:20 -0700 (PDT)
Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "bikeshed.isc.org", Issuer "ISC CA" (verified OK)) by mx.pao1.isc.org (Postfix) with ESMTPS id B28DEC94B7; Mon, 20 Jun 2011 12:14:11 +0000 (UTC) (envelope-from shane@isc.org)
Received: from [IPv6:2001:610:719:1:beae:c5ff:fe43:aa00] (unknown [IPv6:2001:610:719:1:beae:c5ff:fe43:aa00]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by bikeshed.isc.org (Postfix) with ESMTPSA id 3E15F216C86; Mon, 20 Jun 2011 12:14:10 +0000 (UTC) (envelope-from shane@isc.org)
From: Shane Kerr <shane@isc.org>
To: "W.C.A. Wijngaards" <wouter@NLnetLabs.nl>
In-Reply-To: <4DFEFBDE.4030303@nlnetlabs.nl>
References: <4DB81069.3080404@nic.cz> <4DF9B5BD.7010900@nic.cz> <a06240803ca1fd7525c50@10.31.201.23> <BANLkTinjRDHyKH-tLEoejodXb2+7qQLO7w@mail.gmail.com> <a06240801ca2102b8b4f2@10.31.201.23> <BANLkTikoVVaXF2_LJ3KHm6P7oFpfC+n2tw@mail.gmail.com> <a06240801ca21246f76de@10.31.201.23> <BANLkTinVfuL0WEYwaycTaAnWDS9vYF5NjQ@mail.gmail.com> <4DFEFBDE.4030303@nlnetlabs.nl>
Content-Type: text/plain; charset="UTF-8"
Organization: ISC
Date: Mon, 20 Jun 2011 14:14:07 +0200
Message-ID: <1308572047.2742.37.camel@shane-desktop>
Mime-Version: 1.0
X-Mailer: Evolution 2.32.2 (2.32.2-1.fc14)
Content-Transfer-Encoding: 7bit
Cc: dnsext@ietf.org
Subject: [dnsext] Slamming the TCP door, was Re: Fwd: New Version Notification for draft-ah-dnsext-rfc1995bis-ixfr-02
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jun 2011 12:14:20 -0000
Wouter, On Mon, 2011-06-20 at 09:50 +0200, W.C.A. Wijngaards wrote: > On 06/17/2011 08:05 PM, Brian Dickson wrote: > > On Fri, Jun 17, 2011 at 11:41 AM, Edward Lewis <Ed.Lewis@neustar.biz> wrote: > >> I don't think there is an understanding of IXFR. I'd suggest reading 1995 > >> again and checking it against your code. Perhaps your code missed > >> something. > > > > Either a protocol change (non-standard, or standards-based) between > > the client is needed, > > or the client is forced to be very unfriendly, and abort the IXFR if > > it doesn't see its own Serial > > as the second RR of the IXFR. Closing the TCP socket is the only > > mechanism it would have to do that. > > What is wrong with closing the TCP socket? There's nothing especially wrong with that, and IIRC we did consider this option when discussing IXFR-only over beers several years ago. While you will not get the entire zone, you'll likely still get a lot of extra data. Your operating system will be happily filling its TCP buffer until your application notices that it is getting a AXFR-style transfer and then closes the connection. Granted this is probably only a few tens of MB at most, but I don't think the changes on the slave side are much more complicated for IXFR-only, and solve the problem. -- Shane
- [dnsext] Fwd: New Version Notification for draft-… Ondřej Surý
- Re: [dnsext] Fwd: New Version Notification for dr… Ondřej Surý
- Re: [dnsext] Fwd: New Version Notification for dr… Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Brian Dickson
- Re: [dnsext] Fwd: New Version Notification for dr… Mark Andrews
- Re: [dnsext] Fwd: New Version Notification for dr… Masataka Ohta
- Re: [dnsext] Fwd: New Version Notification for dr… Mark Andrews
- Re: [dnsext] Fwd: New Version Notification for dr… Masataka Ohta
- Re: [dnsext] Fwd: New Version Notification for dr… Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Ondřej Surý
- Re: [dnsext] Fwd: New Version Notification for dr… Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Brian Dickson
- Re: [dnsext] Fwd: New Version Notification for dr… Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Brian Dickson
- Re: [dnsext] Fwd: New Version Notification for dr… Masataka Ohta
- Re: [dnsext] Fwd: New Version Notification for dr… Brian Dickson
- Re: [dnsext] Fwd: New Version Notification for dr… W.C.A. Wijngaards
- [dnsext] Use case for IXFR-only, was Re: Fwd: New… Shane Kerr
- [dnsext] Slamming the TCP door, was Re: Fwd: New … Shane Kerr
- Re: [dnsext] Use case for IXFR-only, was Re: Fwd:… Edward Lewis
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Edward Lewis
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Mark Andrews
- Re: [dnsext] Use case for IXFR-only, was Re: Fwd:… Mark Andrews
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Edward Lewis
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … W.C.A. Wijngaards
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Josh Littlefield
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Josh Littlefield
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Paul Vixie
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Masataka Ohta
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Masataka Ohta
- Re: [dnsext] Slamming the TCP door, was Re: Fwd: … Florian Weimer
- Re: [dnsext] Fwd: New Version Notification for dr… Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Masataka Ohta
- Re: [dnsext] Fwd: New Version Notification for dr… Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Masataka Ohta
- Re: [dnsext] Fwd: New Version Notification for dr… Edward Lewis
- Re: [dnsext] Fwd: New Version Notification for dr… Masataka Ohta
- Re: [dnsext] New Version Notification for draft-a… Ondřej Surý
- Re: [dnsext] New Version Notification for draft-a… Masataka Ohta
- Re: [dnsext] New Version Notification for draft-a… Ondřej Surý
- Re: [dnsext] New Version Notification for draft-a… Masataka Ohta
- Re: [dnsext] New Version Notification for draft-a… Ondřej Surý
- Re: [dnsext] New Version Notification for draft-a… Masataka Ohta
- Re: [dnsext] New Version Notification for draft-a… Mark Andrews
- Re: [dnsext] New Version Notification for draft-a… Masataka Ohta
- Re: [dnsext] New Version Notification for draft-a… Shane Kerr
- Re: [dnsext] New Version Notification for draft-a… Masataka Ohta
- Re: [dnsext] New Version Notification for draft-a… Mark Andrews
- Re: [dnsext] New Version Notification for draft-a… Masataka Ohta