Re: [dnsext] draft-ietf-dnsext-rfc1995bis-ixfr -- questions on s3.2.3
Andreas Gustafsson <gson@araneus.fi> Fri, 20 April 2012 09:00 UTC
Return-Path: <gson@araneus.fi>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2006821F8569 for <dnsext@ietfa.amsl.com>; Fri, 20 Apr 2012 02:00:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zkiC4FWelx8z for <dnsext@ietfa.amsl.com>; Fri, 20 Apr 2012 02:00:50 -0700 (PDT)
Received: from gunk.araneus.fi (gunk.araneus.fi [166.84.6.82]) by ietfa.amsl.com (Postfix) with ESMTP id 15E5821F84BF for <dnsext@ietf.org>; Fri, 20 Apr 2012 02:00:49 -0700 (PDT)
Received: from guava.gson.org (guava.gson.org [10.0.11.2]) by gunk.araneus.fi (Postfix) with ESMTP id 9BBC71D01B8; Fri, 20 Apr 2012 09:00:46 +0000 (UTC)
Received: by guava.gson.org (Postfix, from userid 101) id 43D2775E62; Fri, 20 Apr 2012 12:00:47 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <20369.9662.782882.466650@guava.gson.org>
Date: Fri, 20 Apr 2012 12:00:46 +0300
To: Alfred Hoenes <ah@TR-Sys.de>
In-Reply-To: <201204182159.XAA00506@TR-Sys.de>
References: <201204182159.XAA00506@TR-Sys.de>
X-Mailer: VM 8.0.14 under 21.4.1 (i386--netbsdelf)
From: Andreas Gustafsson <gson@araneus.fi>
Cc: dnsext@ietf.org
Subject: Re: [dnsext] draft-ietf-dnsext-rfc1995bis-ixfr -- questions on s3.2.3
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Apr 2012 09:00:51 -0000
Alfred, You wrote: > As already indicated in the draft, there are a few specific > conditions where the interpreation of an IXFR response cannot be > disambiguated until (and if) the next response message arrives, > unless IXFR servers are required to packetize their responses > in a manner that allows immediate disambiguation at the client. > Waiting (in corner cases) for another response message in a given > IXFR session in order to eventually determine the status of the > response requires the IXFR client to set a timeout and wait -- as > a normal protocol operation. All such timeouts are generally > regarded as detrimental, and in particular detrimental to the > performance optimization we have as a target goal for IXFR. Waiting for additional messages to arrive (with a timeout for error recovery) is a standard part of any protocol involving multi-message responses and should not be considered detrimental as such. The detrimental case would be if a client could not determine in advance whether or not the server is going to send another message, and had to resort to using a timeout as a way of detecting the end of the response as part of normal protocol operation. The IXFR protocol as specified in RFC 1995 does *not* require clients to resort to such methods; it is always possible for an RFC 1995 client to unambiguously determine whether or not the server will send an additional message. Digging in the archives, I found a draft from an earlier effort to produce an update to the IXFR specification, back in 2000: http://tools.ietf.org/html/draft-ietf-dnsext-ixfr-01 Quoting that draft: A slave receiving an IXFR response needs to classify it as one of the following four cases: UDP-overflow An indication that the transfer will not fit in a UDP packet and should be retried over TCP up-to-date An indication that the serial number of the request is current and no transfer is necessary incremental An incremental transfer nonincremental A full zone transfer Performing this classification requires some care. For example, UDP-overflow responses differ from UDP up-to-date responses only in the value of the SOA serial number. Also, to distinguish between a nonincremental and an incremental transfer, the slave needs to receive the first two response RRs and check whether the second one is a SOA. If the master chose to transmit each RR in a separate TCP message, this involves waiting for a second TCP response message. On the other hand, in the case of an up-to-date response, the slave must not wait for a second TCP message as doing so would cause it to hang waiting for a message the master will never send. Therefore, the slave must examine the first message and eliminate the possibility that it is a TCP up-to-date response before it attempts to receive a second message. Slaves must not attempt to classify a response based on incidental information such as the presence or absence of a question section, the QTYPE field of a possible question section, or the number of response RRs in a TCP response message. An example algorithm for classifying IXFR responses appears in Appendix A. > Therefore, unless strong consensus to the contrary arises quickly, > the next draft version will contain a more precise description of > what conditions indicate the end of an IXFR response, and how the > different kinds of IXFR responses are to be disambiguated. I suggest doing the latter by reusing the above quoted text from draft-ietf-dnsext-ixfr-01, and/or the pseudocode from its Appendix A. > But this needs to impose on IXFR servers a very few new, specific, > stronger requirements for the packetization of their responses. > These conditions already are in the draft, but the text will be > revised to distinguish the new requirements and spell out the > rationale. I still say there is no actual need to introduce any such new packetization requirements. Regards, -- Andreas Gustafsson, gson@araneus.fi
- [dnsext] draft-ietf-dnsext-rfc1995bis-ixfr -- que… Alfred Hönes
- Re: [dnsext] draft-ietf-dnsext-rfc1995bis-ixfr --… Alfred Hönes
- Re: [dnsext] draft-ietf-dnsext-rfc1995bis-ixfr --… Andreas Gustafsson
- Re: [dnsext] draft-ietf-dnsext-rfc1995bis-ixfr --… Alfred Hönes
- Re: [dnsext] draft-ietf-dnsext-rfc1995bis-ixfr --… Andreas Gustafsson