Re: [DNSOP] ANAME in answer or additional section [issue #62]

Tony Finch <dot@dotat.at> Thu, 20 June 2019 12:42 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/6gXag9I_g0aAGc_eRVxzJQRv0fo>

Matthijs Mekking <matthijs@pletterpet.nl> wrote:

> The main argument for putting it in the additional section is that given
> the experience with DNAME, putting the ANAME in the answer section there
> is a risk of interop problems (because there is an unexpected record in
> the answer section).

I think ANAME will cause too many problems if it puts unexpected records
in the answer section. Speaking as an ANAME proponent, the reason ANAME
is such a hack is for compatibility with the installed base, and it will
be annoying if it isn't actually compatible and we have to wait another
10+ years to be able to use it without worries.

We (mostly Chris Thompson) deployed DNAME in the reverse DNS in 2010 (the
DNAME specification was published in 1999) and we observed at least two
annoying interoperability problems:

* glibc chattering noisily in syslog (fixed only 2 years ago)
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=b9b026c9c00db1a1b5b4a3caa28162655a04a882

* mail delivery failures - MTAs typically have their own DNS message
handling code which is often super careful

I expect that there will be several more interestingly problematic
DNAME failures in the forward DNS.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Gibraltar Point to North Foreland: Variable, mainly southwesterly 3 to 5,
occasionally 6 in south. Smooth or slight, occasionally moderate in south.
Showers then fair. Good, occasionally moderate at first.
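
The interoperability risk discussed in this message, as an added example that is not part of the original e-mail and is not code from glibc or any MTA: a hypothetical strict client that rejects any answer-section record it did not ask for, next to a tolerant one, run over constructed responses. The function names, record tuples, domain names and addresses are all assumptions made for illustration.

```python
# Added illustration: a model of answer-section handling, not real resolver code.
# Records are (owner, type, rdata); all names and addresses are constructed.

class UnexpectedRecord(Exception):
    """The strict client saw a record that is neither an alias nor an answer."""

def process_answer(qname, qtype, answer, strict):
    """Walk the answer section in order, following CNAMEs from qname.

    strict=True  models a hypothetical "super careful" client: any other
                 record in the answer section makes it reject the response.
    strict=False models a client that skips records it does not understand.
    """
    current, found = qname.lower(), []
    for owner, rtype, rdata in answer:
        owner = owner.lower()
        if owner == current and rtype == qtype:
            found.append(rdata)
        elif owner == current and rtype == "CNAME":
            current = rdata.lower()          # follow the alias
        elif strict:
            raise UnexpectedRecord(f"{rtype} at {owner}")
    return found

def outcome(qname, qtype, answer, strict):
    """Return the rdata list, or a 'rejected: ...' string for the strict failure."""
    try:
        return process_answer(qname, qtype, answer, strict)
    except UnexpectedRecord as exc:
        return f"rejected: {exc}"

# Reverse DNS delegated with DNAME: the DNAME precedes the synthesized CNAME.
DNAME_REPLY = [
    ("2.0.192.in-addr.arpa.", "DNAME", "rev.example.net."),
    ("1.2.0.192.in-addr.arpa.", "CNAME", "1.rev.example.net."),
    ("1.rev.example.net.", "PTR", "host.example.net."),
]
# The two placements under discussion for an A query at a name with an ANAME.
ANAME_IN_ANSWER = [
    ("example.com.", "ANAME", "lb.example.net."),
    ("example.com.", "A", "192.0.2.10"),
]
ANAME_IN_ADDITIONAL = [("example.com.", "A", "192.0.2.10")]  # answer section only

if __name__ == "__main__":
    for strict in (False, True):
        print(strict, outcome("1.2.0.192.in-addr.arpa.", "PTR", DNAME_REPLY, strict))
        print(strict, outcome("example.com.", "A", ANAME_IN_ANSWER, strict))
        print(strict, outcome("example.com.", "A", ANAME_IN_ADDITIONAL, strict))
```

Only the placement that keeps the answer section to the queried type gets the same result from both clients; the tolerant client resolves all three replies.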