Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more versatile proposal
Alfred Hönes <ah@TR-Sys.de> Mon, 09 November 2009 00:24 UTC
Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id 383013A6A4D; Sun, 8 Nov 2009 16:24:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 3.576
X-Spam-Level: ***
X-Spam-Status: No, score=3.576 tagged_above=-999 required=5 tests=[AWL=-0.674,
BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, FH_RELAY_NODNS=1.451,
HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rfbvHVHRAaHP;
Sun, 8 Nov 2009 16:24:03 -0800 (PST)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com
(Postfix) with ESMTP id B87333A6A35; Sun, 8 Nov 2009 16:24:02 -0800 (PST)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD))
(envelope-from <owner-namedroppers@ops.ietf.org>) id 1N7Hvi-000B1Q-86 for
namedroppers-data0@psg.com; Mon, 09 Nov 2009 00:16:22 +0000
Received: from [213.178.172.147] (helo=TR-Sys.de) by psg.com with esmtp (Exim
4.69 (FreeBSD)) (envelope-from <A.Hoenes@TR-Sys.de>) id 1N7Hvf-000B0y-3j for
namedroppers@ops.ietf.org; Mon, 09 Nov 2009 00:16:20 +0000
Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26
$/16.3.2) id AA099745714; Mon, 9 Nov 2009 01:15:14 +0100
Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id
BAA03519; Mon, 9 Nov 2009 01:15:13 +0100 (MEZ)
From: Alfred =?hp-roman8?B?SM5uZXM=?= <ah@TR-Sys.de>
Message-Id: <200911090015.BAA03519@TR-Sys.de>
Subject: Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more versatile proposal
To: cheshire@apple.com, namedroppers@ops.ietf.org
Date: Mon, 9 Nov 2009 01:15:13 +0100 (MEZ)
In-Reply-To: <38CCBAA1-1814-4BFE-B0DD-F8549B1E66CB@apple.com> from Stuart
Cheshire at Nov "6, " 2009 "09:33:19" pm
X-Mailer: ELM [$Revision: 1.17.214.3 $]
Mime-Version: 1.0
Content-Type: text/plain; charset=hp-roman8
Content-Transfer-Encoding: 8bit
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to
namedroppers-request@ops.ietf.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text
body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>
Stuart Cheshire wrote: > On 6 Nov 2009, at 13:35, Paul Vixie wrote: > >> the way to handle this is to include >> AAAA as additional data in A responses, and include A as additional >> data in AAAA responses. > > > I agree. FWIW, this is exactly what we do in Multicast DNS: > > <http://tools.ietf.org/id/draft-cheshire-dnsext-multicastdns.txt> > > 8.2 Responding to Address Queries > > In Multicast DNS, whenever a Responder places an IPv4 or IPv6 address > record (rrtype "A" or "AAAA") into a response packet, it SHOULD also > place the corresponding other address type into the additional > section, if there is space in the packet. > > In addition, if there isn't a record of one or other type, we indicate > this using an NSEC record. I also had this draft in mind. But given the lack of acceptance of these ideas (and other multi-question proposals) in the IETF this did not seem a good base for a *new* proposal. The drawbacks of Additional Data have become more and more evident in the recent past, and Paul Vixie already has acknowledged that in a follow-up message to Andrew's response to his posting. There seems to be long established consensus that multiple questions (if considered at all) need to be restricted to same-QNAME plus same-QCLASS. Multiple Questions (QDCOUNT>1) incur the inherent problem that the consistency needs to be checked, with many novel error scenarios. Encoding a multi-question query in a way that inherently enforces that match-in-QNAME-and-QCLASS restriction and is at least equivalent (or even better) in terms of packet space requirements might turn out to be a superior idea. > This is for cases like where an SRV response has an A record in the > additional section but no AAAA. Including the NSEC asserting the > nonexistence of AAAA records saves us having to do another round-trip > to get the no-answer-no-error response telling us that the name has no > AAAA records. > > In the event that a device has only IPv4 addresses but no IPv6 > addresses, or vice versa, then the appropriate NSEC record SHOULD > be placed into the additional section, so that queriers can know > with certainty that the device has no addresses of that kind. Additional Section processing for RR types that already do specify that is entirely orthogonal to the problem considered and I would very much prefer to leave it out of scope of this discussion. There seems to have been consensus in the past that Additional Section processing for new RR types should be avoided wherever possible. > > Stuart Cheshire <cheshire@apple.com> > * Wizard Without Portfolio, Apple Inc. > * Internet Architecture Board > * www.stuartcheshire.org The problem with similar specifications is that they *change* existing specifications in an incompatible way, making attempts to do so a horrible cross-country ride in the IETF. Adding new elements and confining new behavior to these elements seems to be more appreciated in general, because the interactions needed at layer 8 and above are less difficult then. :-) Specific exceptional rules based on RR type are inflexible and a burden for server implementations. I have tried to find a way to escape these complications. Given the apparent interest in my proposal (only sketched so far in coarse granularity), I'll try to write it up in an I-D ASAP -- but please admit roughly 3 weeks due to pending other efforts. There remain design choices -- e.g., new meta RR type plus RGMASK EDNS option (as noted in my proposal), or RGMASK alone, combined with any 'Data' RR type (omitted from the initial proposal for brevity) --, and incremental deployment considerations need to be pursued in detail. Hints on other existing use cases for the "RR Group Query" are welcome in the interim! A related request I'd like to recall: Could we please consider in the EDNS0-bis effort a means to signal the intended behavior regarding EDNS options that the queried server does not "know" (as in several routing protocols and RSVP) ? The most easiest way to do so would be to assign semantics to 2 or 3 most significant bits of the EDNS option type, thus leaving all legacy options untouched. Useful encoded behavior would include "mandatory to support", "ignore if unknown", "echo unchanged", etc. This would be a small "one-change-forever" detail, but a big deal for the incremental deployment of new EDNS options, such as the RGMASK proposed for RR Group Queries. (See also the IAB deliberations on protocol extensibility in draft-iab-extension-recs.) More thoughts on this detail soon in a specific note on draft-ietf-dnsext-rfc2671bis-edns0. Kind regards, Alfred Hönes. -- +------------------------+--------------------------------------------+ | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | | D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | +------------------------+--------------------------------------------+
- [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more vers… Alfred Hönes
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Matthew Dempsky
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Paul Vixie
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Andrew Sullivan
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Alfred Hönes
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Paul Vixie
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Masataka Ohta
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Stuart Cheshire
- [dnsext] Re: draft-li-dnsext-ipv4-ipv6 -- a more … Stephane Bortzmeyer
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Andras Salamon
- [dnsext] Re: draft-li-dnsext-ipv4-ipv6 -- a more … Stephane Bortzmeyer
- [dnsext] Re: draft-li-dnsext-ipv4-ipv6 -- a more … Andras Salamon
- [dnsext] Re: draft-li-dnsext-ipv4-ipv6 -- a more … Stephane Bortzmeyer
- RE: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … mohamed.boucadair
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Alfred Hönes
- [dnsext] Re: draft-li-dnsext-ipv4-ipv6 -- a more … Stephane Bortzmeyer
- [dnsext] RE: draft-li-dnsext-ipv4-ipv6 -- a more … mohamed.boucadair
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Paul Vixie
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … bmanning
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Paul Vixie
- Re: [dnsext] draft-li-dnsext-ipv4-ipv6 -- a more … Ted Lemon
- [dnsext] Re: draft-li-dnsext-ipv4-ipv6 -- a more … Stephane Bortzmeyer
- Re: [dnsext] Re: draft-li-dnsext-ipv4-ipv6 -- a m… John Levine
- [dnsext] Re: draft-li-dnsext-ipv4-ipv6 -- a more … Stephane Bortzmeyer