Re: [DNSOP] Adoption of new EDNS opcode "rrserial"
Hugo Salgado <hsalgado@nic.cl> Mon, 10 May 2021 16:37 UTC
Return-Path: <hsalgado@nic.cl>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C7703A22DB for <dnsop@ietfa.amsl.com>; Mon, 10 May 2021 09:37:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ldOYS35zB27q for <dnsop@ietfa.amsl.com>; Mon, 10 May 2021 09:37:20 -0700 (PDT)
Received: from mail.nic.cl (mail.nic.cl [IPv6:2001:1398:1::6008]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92C8C3A115F for <dnsop@ietf.org>; Mon, 10 May 2021 09:37:20 -0700 (PDT)
Received: from mail.nic.cl (localhost [127.0.0.1]) by mail.nic.cl (Postfix) with ESMTP id AAAB1195D6425; Mon, 10 May 2021 12:37:17 -0400 (-04)
Received: from pepino (unknown [190.163.103.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.nic.cl (Postfix) with ESMTPSA id 92385195D6423; Mon, 10 May 2021 12:37:17 -0400 (-04)
Date: Mon, 10 May 2021 12:37:16 -0400
From: Hugo Salgado <hsalgado@nic.cl>
To: Mauricio Vergara Ereche <mave@cero32.cl>
Cc: dnsop@ietf.org
Message-ID: <20210510163716.GC5718@pepino>
References: <20200127150847.taxhqeipwq6jg2rr@nic.cl> <CAAk_VVivs96dL-qVw8rqSXjkukBFHPyr2htWApbb44SVyQsGag@mail.gmail.com> <20210507164749.GC91746@pepino>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="32u276st3Jlj2kUU"
Content-Disposition: inline
In-Reply-To: <20210507164749.GC91746@pepino>
X-Virus-Scanned: ClamAV using ClamSMTP on Mon May 10 12:37:17 2021 -0400 (-04) (mail.nic.cl)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/8RixMnAXRggBwFLrWw49s21OiDY>
Subject: Re: [DNSOP] Adoption of new EDNS opcode "rrserial"
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 May 2021 16:37:26 -0000
Hello everyone. Thanks for the comments, I just uploaded an unchanged version (just to revive it) at: https://datatracker.ietf.org/doc/draft-salgado-dnsop-RRSERIAL/ I agree RRSERIAL doesn't have much relevance in zones that don't give serial versioning a meaning to its content. We can add a paragraph about it, to make the applicability more clear. I also don't think we should start to "deprecate" the SOA serial meaning at this point. One can say that "modern" implementations using complex backends makes SOA serials irrelevant, but there's certainly a use case for classic and mainly static behavior. Just as NSID adds an "infrastructure" identification dimension to a response, RRSERIAL adds the data versioning dimension. And responding to the comment that having multi-queries is better, is something that is long overdue, and would certainly make this hack obsolete. But I think the multi-query issues are so complex that it's worth moving forward incrementally in the meantime. For the same reason, I think we could aim for it to have "experimental" status at the start, and after a few years we measure it to see its use and we can adapt or change it to standard or deprecate it in favor of another qtype. Other issues that I think need more analysis is deciding whether it makes any sense to expose RRSERIAL in resolvers. The original idea was only in authoritatives, but it might make some sense to debug in resolvers as well, to somehow identify the "data source" of a cached record. In this sense, I fear an increase in cache requirements of resolvers, which should somehow maintain the extra data; and also in traffic and option availability for upstream auths. Hugo On 12:47 07/05, Hugo Salgado wrote: > I'll upload a new version to revive it, and ask for a slot > in IETF111 for further discussion! > > Thanks, > > Hugo > > On 22:02 06/05, Mauricio Vergara Ereche wrote: > > Hi Hugo, > > > > I just want to bring back to life this topic as it solves an issue that > > several operators (like me) seem to be in need to solve while debugging > > issues. > > > > Mauricio > > > > On Mon, Jan 27, 2020 at 7:09 AM Hugo Salgado <hsalgado@nic.cl> wrote: > > > > > Dear DNSOPers, as an operator I tend to have this need to couple > > > an answer for a query to an auth server, with the actual "SOA zone > > > version" used. So I think it'll be valuable to have an EDNS option > > > for it. > > > > > > Here I'm proposing it with this new draft. The 'camel index' for > > > its implementation/hack/proof-of-concept is about 37 lines in > > > NSD 4.1 (more details in Appendix A). > > > > > > I've asked some operators and they see value on it. Is there any > > > support for adoption in DNSOP? > > > > > > ----- > > > Name: draft-salgado-rrserial > > > Revision: 01 > > > Title: The "RRSERIAL" EDNS option for the SOA serial of a RR's > > > zone > > > Document date: 2020-01-27 > > > Group: Individual Submission > > > Pages: 5 > > > URL: > > > https://www.ietf.org/internet-drafts/draft-salgado-rrserial-01.txt > > > Status: https://datatracker.ietf.org/doc/draft-salgado-rrserial/ > > > Htmlized: https://tools.ietf.org/html/draft-salgado-rrserial-01 > > > Htmlized: > > > https://datatracker.ietf.org/doc/html/draft-salgado-rrserial > > > Diff: > > > https://www.ietf.org/rfcdiff?url2=draft-salgado-rrserial-01 > > > > > > Abstract: > > > The "RRSERIAL" EDNS option allows a DNS querier to ask a DNS > > > authoritative server to add a EDNS option in the answer of such query > > > with the SOA serial number field of the origin zone which contains > > > the answered resource record. > > > > > > This "RRSERIAL" data allows to debug problems and diagnosis by > > > helping to recognize the origin of an answer, associating this answer > > > with a respective zone version. > > > ----- > > > > > > Best, > > > > > > Hugo Salgado > > > > > > _______________________________________________ > > > DNSOP mailing list > > > DNSOP@ietf.org > > > https://www.ietf.org/mailman/listinfo/dnsop > > > > > > > > > -- > > Mauricio Vergara Ereche > > keybase.io/mave > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop
- [DNSOP] Adoption of new EDNS opcode "rrserial" Hugo Salgado
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Hugo Salgado
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Wessels, Duane
- [DNSOP] rrserial as a path to fame and fortune (w… Shane Kerr
- Re: [DNSOP] rrserial as a path to fame and fortun… Tony Finch
- Re: [DNSOP] rrserial as a path to fame and fortun… Vladimír Čunát
- Re: [DNSOP] rrserial as a path to fame and fortun… Hugo Salgado
- Re: [DNSOP] rrserial as a path to fame and fortun… Viktor Dukhovni
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Mauricio Vergara Ereche
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Hugo Salgado
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Joe Abley
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" John Levine
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Frederico A C Neves
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Joe Abley
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Brian Dickson
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Donald Eastlake
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Matthew Pounsett
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Petr Špaček
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Vladimír Čunát
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Hugo Salgado
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Joe Abley
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Mauricio Vergara Ereche
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Peter van Dijk
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Tony Finch
- Re: [DNSOP] Adoption of new EDNS opcode "rrserial" Peter van Dijk