Re: [DNSOP] comments on draft-ietf-dnsop-resolver-priming-02
Chris Thompson <cet1@cam.ac.uk> Mon, 09 November 2009 21:26 UTC
Return-Path: <cet1@hermes.cam.ac.uk>
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4FF2F28C25B for <dnsop@core3.amsl.com>; Mon, 9 Nov 2009 13:26:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.785
X-Spam-Level:
X-Spam-Status: No, score=-4.785 tagged_above=-999 required=5 tests=[AWL=1.814, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YOBzHO+1mn8s for <dnsop@core3.amsl.com>; Mon, 9 Nov 2009 13:26:44 -0800 (PST)
Received: from ppsw-0.csi.cam.ac.uk (ppsw-0.csi.cam.ac.uk [131.111.8.130]) by core3.amsl.com (Postfix) with ESMTP id 3B4AE28C24D for <dnsop@ietf.org>; Mon, 9 Nov 2009 13:26:44 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-SpamDetails: not scanned
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from hermes-1.csi.cam.ac.uk ([131.111.8.51]:41069) by ppsw-0.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.150]:25) with esmtpa (EXTERNAL:cet1) id 1N7blV-0006og-2u (Exim 4.70) for dnsop@ietf.org (return-path <cet1@hermes.cam.ac.uk>); Mon, 09 Nov 2009 21:27:09 +0000
Received: from prayer by hermes-1.csi.cam.ac.uk (hermes.cam.ac.uk) with local (PRAYER:cet1) id 1N7blV-0000H7-Sc (Exim 4.67) for dnsop@ietf.org (return-path <cet1@hermes.cam.ac.uk>); Mon, 09 Nov 2009 21:27:09 +0000
Received: from [131.111.11.47] by webmail.hermes.cam.ac.uk with HTTP (Prayer-1.3.2); 09 Nov 2009 21:27:09 +0000
Date: Mon, 09 Nov 2009 21:27:09 +0000
From: Chris Thompson <cet1@cam.ac.uk>
To: dnsop@ietf.org
Message-ID: <Prayer.1.3.2.0911092127090.20927@hermes-1.csi.cam.ac.uk>
In-Reply-To: <m2639jya1m.wl%jinmei@isc.org>
References: <m2639jya1m.wl%jinmei@isc.org>
X-Mailer: Prayer v1.3.2
Mime-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="ISO-8859-1"
Sender: Chris Thompson <cet1@hermes.cam.ac.uk>
Subject: Re: [DNSOP] comments on draft-ietf-dnsop-resolver-priming-02
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: cet1@cam.ac.uk
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2009 21:26:45 -0000
I think I would like to ask "what's special about priming anyway?". As part of explaining how the DNS works, I tend to include something along the following lines: Q. Why does the root "hint" zone not look like a real zone? A. Because it isn't a zone at all, it's a referral. Q. A referral? from where? A. It's the referral from Trantor[*] when asked about anything in this poxy little planet-bound Internet. See: the NS records are the Authority section of the referral, and the address records are the glue in the Additional section. (Because all the nameservers are on the same planet! Shocking...) We keep a local copy because the RTT to Trantor is inconveniently long, and the referral always looks the same anyway, apart from the Question section. [*] Feel free to substitute the Galactic Centre of your choice. The logic is: if you don't have any record of nameservers in your cache superior to the name being queried for (because they have been timed out, squeezed out for lack of memory, or you have just started up), then invent the appropriate referral based on the root "hints" and take it from there. It seems to me that this is more or less how RFC1034 is saying the SBELT structure should be used, except that we no longer think it appropriate to have customised referrals-from-Trantor including "two of the servers for the host's domain". Now I am aware that this isn't exactly how nameservers are actually programmed, and that they perform explicit priming rather than the "lazy priming" implied above. But would it actually matter if they did it that way? And maybe the right attitude towards explicit priming ought to be "don't do it in a way that makes more queries to the root servers than lazy priming would". -- Chris Thompson University of Cambridge Computing Service, Email: cet1@ucs.cam.ac.uk New Museums Site, Cambridge CB2 3QH, Phone: +44 1223 334715 United Kingdom.
- [DNSOP] comments on draft-ietf-dnsop-resolver-pri… JINMEI Tatuya / 神明達哉
- Re: [DNSOP] comments on draft-ietf-dnsop-resolver… Peter Koch
- Re: [DNSOP] comments on draft-ietf-dnsop-resolver… Chris Thompson