Re: [DNSOP] BCP on rrset ordering for round-robin? Also head's up on bind 9.12 bug (sorting rrsets by default)

Andrew Sullivan <ajs@anvilwalrusden.com> Mon, 18 June 2018 15:02 UTC

Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2339120049 for <dnsop@ietfa.amsl.com>; Mon, 18 Jun 2018 08:02:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=yitter.info header.b=WY2mzKl3; dkim=pass (1024-bit key) header.d=yitter.info header.b=Pqn9XPbk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9jjoiVHi5NMy for <dnsop@ietfa.amsl.com>; Mon, 18 Jun 2018 08:02:01 -0700 (PDT)
Received: from mx4.yitter.info (mx4.yitter.info [159.203.56.111]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D8A5130DE8 for <dnsop@ietf.org>; Mon, 18 Jun 2018 08:02:00 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mx4.yitter.info (Postfix) with ESMTP id AD4F2BE444 for <dnsop@ietf.org>; Mon, 18 Jun 2018 15:01:57 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1529334117; bh=re7PDrPElLw8eugeHZKILz/gZX0Q/XQqMQVFRU/3kXI=; h=Date:From:To:Subject:References:In-Reply-To:From; b=WY2mzKl3okmntI7+c1sZosoo3obF+4E5O/2nvH2Lijn9Pcx8R8aTKGxZIVdwwExCl Wnb2EqMElLDe73zumOKJLCie3hgQlpeUHuQZzxpUbs/a/h7oSjMsTkKtJVWZ2/AON2 GPwgLRiDOu9M9JvfKTj11RW57WRplWzOXXvQeQuw=
X-Virus-Scanned: Debian amavisd-new at crankycanuck.ca
Received: from mx4.yitter.info ([127.0.0.1]) by localhost (mx4.yitter.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QO6S6t_Oem9w for <dnsop@ietf.org>; Mon, 18 Jun 2018 15:01:56 +0000 (UTC)
Date: Mon, 18 Jun 2018 11:01:57 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1529334116; bh=re7PDrPElLw8eugeHZKILz/gZX0Q/XQqMQVFRU/3kXI=; h=Date:From:To:Subject:References:In-Reply-To:From; b=Pqn9XPbk8dZzasyr+yWmmtGWt0ksKasY/uhSUKeBAbYl1xfvtFTfa7PYx1GpExI61 AkY1MAwxQxNv09P2PV58ttBpyKZ0qWdaWU7UfPca3yYf9UuDwXuKP9Y62f6CW/rNZi 8FVhsytPv0dQwObGdwj1UUkcvX5ejk9Z4JEoS82I=
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dnsop@ietf.org
Message-ID: <20180618150157.GB9377@mx4.yitter.info>
References: <CAKC-DJimMOtNCSE95kRs6Dy3dC_mxB=8O2WVA7badp8GK2ci-Q@mail.gmail.com> <20180615171231.GF1126@mx4.yitter.info> <CAHPuVdWP=DVj52diWYTHKqHBET0hFyUWvACT-VpH20iKzed-ww@mail.gmail.com> <CA+nkc8AS6+cZfi_NGT2T+FeQkQ5fKn--HQOOuusL1cYFkdKbKA@mail.gmail.com> <20180615195232.GA5926@jurassic> <CAKC-DJhRJwg7cw8iexCgq9axgjyjnQQaXP2+wD4u=sk3PtypRg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAKC-DJhRJwg7cw8iexCgq9axgjyjnQQaXP2+wD4u=sk3PtypRg@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/IDctupYVYC025aOgjiyJuwBBnZo>
Subject: Re: [DNSOP] BCP on rrset ordering for round-robin? Also head's up on bind 9.12 bug (sorting rrsets by default)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jun 2018 15:02:04 -0000

On Fri, Jun 15, 2018 at 04:17:00PM -0400, Erik Nygren wrote:
> We have many years of software that relies on emergent behaviors from the
> current default.

Well, I think more accurately we have years of software that relies on
emergent behaviours of the prior default of certain implemnetations.

> While pedantically it may be true that these should be treated as unordered
> sets

I don't think that's being pedantic.  That's literally the definition
of an RRset, and (as I guess has been shown by others in this thread)
relying on an existing order behaviour to which one has become
accustomed is going to be a problem even if people just switch out
their software or change the configuration of their systems.  This is
a bug in the relying software, because the network _never_ made the
promise that software was relying upon.

> Software should have safe defaults that matches common expectations.

I think this is true only if the common expectations are reasonable
ones, and given what RRsets are the expectation in this case is not a
reasonable one.  What you're really saying is that, if there was ever
one dominant system on the Internet (in this case, BIND), then the
standards all need to be rewritten to conform not only to what that
software implemented (a position with which I have some sympathy) but
also to conform with the default settings of that software (a position
I think needs rather more support than you've offered).  

> is that the order of results is NOT consistent.

Sure.  "Unordered sets."

>  In many environments, this
> lack
> of consistency is relied upon for systems to work properly.

To me, this is like saying that, in many environments, the order of
TCP packets (which very frequently do come in order) is relied upon
for systems to work properly.  This is true, but still broken.

> This ambiguity in the current specifications

What is the ambiguity?  There is only an ambiguity if you think that
people's expectation of something nobody ever promised them is part of
the specification, and it isn't.

Best regards,

A
-- 
Andrew Sullivan
ajs@anvilwalrusden.com