Re: [DNSOP] fyi [Pdns-users] Please test: ALIAS/ANAME apex record in PowerDNS

Paul Vixie <paul@redbarn.org> Sun, 21 September 2014 22:52 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/-SW0Hg_M-1PA6zeFz-K4mkA02TQ


> Colm MacCárthaigh <mailto:colm@allcosts.net>
> Sunday, September 21, 2014 3:33 PM
>
>
>     i'd be very interested in a standards-track (interoperable;
>     including DNSSEC support and AXFR/IXFR) version of this feature.
>     my hope is that you will remove out-of-zone capability here, that
>     is, the target of ALIAS should have to be authority data in the
>     same zone.
>
>
> But then the feature is pointless; you could just include the record
> directly at the apex if you knew what the value should be.

you make a good point. i'm curious about the implication.

does the ANAME(/ALIAS) server proxy every request, so, no caching? or,
if it caches, does it implement "client subnet"? and, either way: if the
proxied request times out (or servfails), does the original authority
request also time out (or servfail?) and i wonder-- if the proxy request
returns NXDOMAIN, what does the authority answer with?

what the implementers of this nonstandard feature seem to want is
cname-and-other-data, by which i mean, a requester-visible alias that
can live at the apex, and then have its target resolved in the
requester's context. i'm not sure how best to do it, but i'm not liking
the implications of always-proxy nor proxy-with-cache.

-- 
Paul Vixie