IETF Logo Mail Archive

Re: [DNSOP] [homenet] Fwd: WGLC on "redact" and "homenet-dot"

Shane Kerr <shane@time-travellers.org> Sun, 18 December 2016 15:43 UTC

Return-Path: <shane@time-travellers.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D067B1294C7 for <dnsop@ietfa.amsl.com>; Sun, 18 Dec 2016 07:43:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q2GJmwzt66QZ for <dnsop@ietfa.amsl.com>; Sun, 18 Dec 2016 07:43:16 -0800 (PST)
Received: from time-travellers.nl.eu.org (c.time-travellers.nl.eu.org [IPv6:2a02:2770::21a:4aff:fea3:eeaa]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17BD31293DA for <dnsop@ietf.org>; Sun, 18 Dec 2016 07:43:16 -0800 (PST)
Received: from [2001:470:78c8:2:8451:b161:196c:6f38] (helo=pallas.home.time-travellers.org) by time-travellers.nl.eu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.80) (envelope-from <shane@time-travellers.org>) id 1cIddA-0003U1-Ak; Sun, 18 Dec 2016 15:44:08 +0000
Date: Sun, 18 Dec 2016 16:43:12 +0100
From: Shane Kerr <shane@time-travellers.org>
To: william manning <chinese.apricot@gmail.com>
Message-ID: <20161218164312.1986e55c@pallas.home.time-travellers.org>
In-Reply-To: <CACfw2hjmTPrW3pE14QYJ0eugHmaTtcqCzu6tBQbzYKUN1sHYfw@mail.gmail.com>
References: <20161214220428.1688.qmail@ary.lan> <CAH1iCioPZiO78j478BV7t=pTN9LZXQbweeBZQF2w3O1gKwx3XA@mail.gmail.com> <20161215011803.A2B705CE7CAA@rock.dv.isc.org> <CAH1iCir6R=DG+RM1BoMn1s31x3ZoN4bHLO7dWdVL-yCD3u3R0A@mail.gmail.com> <CAPt1N1=Mw=LSQ+dwFX2MFKTzSHMzWKAMLrW9fQPaAggMb+GJ-A@mail.gmail.com> <CAH1iCirFZtCWVkMqFp8Fb=wJLzmBNb2k5PfxKBRNUtgVR7cMXA@mail.gmail.com> <CAPt1N1nHmrRwAGGJCTwD=PhW1w=QHHSnvi1D3GN4kNxHSgapEA@mail.gmail.com> <20161215041912.32A8F5CE9152@rock.dv.isc.org> <CAPt1N1mwoGDuc8fn7mFd0R3cx_xQLBM3H=ye9L+ceE6kvUo-mQ@mail.gmail.com> <4195DBA6-6EAE-45CE-AD61-9236C62124D0@google.com> <alpine.OSX.2.11.1612151555520.6844@ary.local> <CAPt1N1mWLw-thMrVvztdSDkPp6zW8ptick4ZnDKUatBf44QfiA@mail.gmail.com> <49A7DCF7-9FEC-4572-BE88-D90B415F330A@virtualized.org> <CACfw2hg8x7u=F0pu8BFr6HMKkvApGs5svKAUR8XVY+rcc2CMgA@mail.gmail.com> <3F7679D3-F96B-4DE3-8C2B-CE44E347E4AD@virtualized.org> <CACfw2hjmTPrW3pE14QYJ0eugHmaTtcqCzu6tBQbzYKUN1sHYfw@mail.gmail.com>
X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; boundary="Sig_/lguCPlNgAc9CCcb8r/J1Z.c"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/E8h8FQrqo0G9323c-ySMqZWicmI>
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>
Subject: Re: [DNSOP] [homenet] Fwd: WGLC on "redact" and "homenet-dot"
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Dec 2016 15:43:18 -0000

Bill,

At IETF 96 in Berlin, Warren gave a presentation discussing how Google
is using this in their recursive servers. Here's the link to the
recorded video for the whole dnsop session:

http://recs.conf.meetecho.com/Playout/watch.jsp?recording=IETF96_DNSOP&chapter=chapter_1

For me the most interesting slide is around minute 25 where we see
aggressive NSEC reducing the number of queries from Google servers to
the root by over 90%.

Cheers,

--
Shane

At 2016-12-17 12:17:17 -0800
william manning <chinese.apricot@gmail.com> wrote:

> David, it would seem that fact-driven processes might serve the operational
> ecosystem better than SWAG, don't you agree?
> Warren, do you have, even antecdotal data on the impact of aggressive NSEC
> and traffic to the roots, that would inform this discussion (maybe).  At
> least it would give the root operators a heads up that they were, once
> again, being asked to backstop issues that should be handled elsewhere.
> 
> /Wm
> 
> On Sat, Dec 17, 2016 at 11:42 AM, David Conrad <drc@virtualized.org> wrote:
> 
> > Bill,
> >
> > On Dec 17, 2016, at 11:36 AM, william manning <chinese.apricot@gmail.com>
> > wrote:  
> > > Is there any public data to support the presumptions of excess capacity  
> > at the roots and the impact of NSEC aggressive use on the DNS?
> >
> > Warren provided some interesting anecdotes at the last IEPG, but I'm
> > unaware of any formal modeling.
> >  
> > > I know that in the previous century, punting on operational impact by  
> > guessing about outcomes was common.   I thought the IETF had moved away
> > from SWAG and was working toward a more disciplined and fact based process
> > for making changes.
> >
> > I make no comment on what the IETF has moved towards or away from.
> >
> > Regards,
> > -drc
> > (speaking only for myself)
> >
> >
> >
> >

v2.23.0 | Report a Bug | By Email