Re: [DNSOP] draft-tale-dnsop-serve-stale

Robert Edmonds <> Mon, 27 March 2017 22:47 UTC

Date: Mon, 27 Mar 2017 18:46:54 -0400
From: Robert Edmonds <>
To: Jared Mauch <>
Cc: paul vixie <>,, Dave Lawrence <>
List-Id: IETF DNSOP WG mailing list <>

Jared Mauch wrote:
> On Mar 27, 2017, at 5:59 PM, P Vix <> wrote:
> > 
> > I agree to review and comment. Note that I am provisionally negative to the idea itself, and my review may reflect that. Vixie
> I will note there are other implementations out there as well, such as in unbound.  serve-expired configuration directive is available there as well.

Though, the algorithm described in this document is a much different
algorithm than the one in Unbound.

If I understand Unbound's serve-expired algorithm correctly, it always
serves from cache if available (regardless of expiration status), and if
what it served to the client happened to be expired, it triggers a
post-response fetch to update the cache asynchronously. That can end up
serving a lot more stale bread than is strictly necessary if your
Unbound server only serves a few clients.

(I guess Unbound could sort of be said to implement this draft, but with
the client response timer hardcoded to 0 and the maximum stale timer
hardcoded to ∞.)

I support adoption of this document.

Robert Edmonds
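
The comparison in the message above, as an added example that is not part of the original post or of Unbound or the draft: a simplified model of a resolver cache with a client response timer and a maximum stale timer, where setting them to 0 and infinity gives the always-serve-from-cache behaviour described for serve-expired. The function names, the workload and the timer values are constructed for illustration.

```python
import math

def resolve(cache, now, upstream_rtt, client_response_timer, max_stale_timer):
    """Answer one query at time `now`; return (kind, updated cache).

    cache is (stored_at, ttl). upstream_rtt is how long a refresh takes;
    math.inf models unreachable authoritative servers.
    """
    stored_at, ttl = cache
    expired_for = now - (stored_at + ttl)
    if expired_for < 0:
        return "fresh-cache", cache
    reachable = math.isfinite(upstream_rtt)
    refreshed = (now + upstream_rtt, ttl) if reachable else cache
    if upstream_rtt <= client_response_timer:
        return "fresh-fetch", refreshed      # refresh beat the timer
    if expired_for <= max_stale_timer:
        # Timer fired first: answer stale; the refresh finishes in the
        # background if the authoritative servers are reachable.
        return "stale", refreshed
    # Too old to serve: the client waits for the fetch or gets SERVFAIL.
    return ("fresh-fetch", refreshed) if reachable else ("servfail", cache)

def simulate(query_times, ttl, upstream_rtt, client_response_timer, max_stale_timer):
    """Run a sequence of queries for one name against one cache entry."""
    cache, kinds = (0.0, ttl), []
    for now in query_times:
        kind, cache = resolve(cache, now, upstream_rtt,
                              client_response_timer, max_stale_timer)
        kinds.append(kind)
    return kinds

# Constructed workload: a resolver with few clients, so queries for the
# name arrive less often than the 30 s TTL (times in seconds).
QUERIES = [10, 100, 200, 300]
TTL = 30

if __name__ == "__main__":
    for label, rtt in (("upstream up", 0.05), ("upstream down", math.inf)):
        print(label)
        print("  timer=0,   max-stale=inf:", simulate(QUERIES, TTL, rtt, 0, math.inf))
        print("  timer=1.8, max-stale=150:", simulate(QUERIES, TTL, rtt, 1.8, 150))
```

With the authoritative servers reachable, the timer=0 configuration answers every post-expiry query with stale data even though a refresh would have taken 50 ms, while the non-zero timer serves fresh data; stale answers appear in the second configuration only when the upstream is down, and stop once the data is older than the maximum stale timer.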