Re: [DNSOP] draft-ietf-dnsop-refuse-any and DO=0

Jared Mauch <jared@puck.nether.net> Mon, 08 February 2016 15:37 UTC

From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <alpine.LSU.2.00.1602081502360.11434@hermes-2.csi.cam.ac.uk>
Date: Mon, 08 Feb 2016 10:37:09 -0500
Message-Id: <8126C49E-5AB3-45CA-B441-DB2809F6DD2E@puck.nether.net>
References: <alpine.LSU.2.00.1602052158390.7000@hermes-2.csi.cam.ac.uk> <alpine.LSU.2.00.1602071411270.2469@hermes-2.csi.cam.ac.uk> <20160207200449.GA74042@isc.org> <alpine.LSU.2.00.1602081502360.11434@hermes-2.csi.cam.ac.uk>
To: Tony Finch <dot@dotat.at>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/-9N4sRjM7MczUfHYHve4AO0vLxw>
Cc: Evan Hunt <each@isc.org>, dnsop@ietf.org
Subject: Re: [DNSOP] draft-ietf-dnsop-refuse-any and DO=0

> On Feb 8, 2016, at 10:33 AM, Tony Finch <dot@dotat.at> wrote:
> 
> Doing anything more determinate would require an extra loop over the data
> to choose, before the loop that builds the response. (Actually I can
> probably avoid two loops if I'm clever.) I didn't think I cared enough to
> do that. However some answers from my zones (e.g. DNSKEY) are bigger than
> 512 bytes and so can cause truncation and TCP, so maybe I do care after
> all.

Or just having the TCP implementation in BIND get improved as it’s clear there
are some more people pushing in this direction.  I’m looking at just putting
something like DNSDIST on my hosts to process TCP and balance it across
multiple daemons to do the query scale.

- Jared