Re: [DNSOP] New Version Notification for draft-pusateri-dnsop-update-timeout-00.txt

Tom Pusateri <> Sat, 25 August 2018 18:11 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4F87F130DE4 for <>; Sat, 25 Aug 2018 11:11:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id AUfFBd9bblZ5 for <>; Sat, 25 Aug 2018 11:11:51 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C084D127333 for <>; Sat, 25 Aug 2018 11:11:50 -0700 (PDT)
Received: from [] (unknown []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id D5E812389; Sat, 25 Aug 2018 14:07:31 -0400 (EDT)
From: Tom Pusateri <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_BBF037FB-04E0-4B6F-A9F4-5C75B06179BE"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Date: Sat, 25 Aug 2018 14:11:48 -0400
In-Reply-To: <>
Cc: Mark Andrews <>, dnsop WG <>
To: Ted Lemon <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
Subject: Re: [DNSOP] New Version Notification for draft-pusateri-dnsop-update-timeout-00.txt
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 25 Aug 2018 18:11:55 -0000

This is a valid question.

In most cases, having the primary remember the lease lifetime should be enough. But if the outage is longer than the lease lifetime, it would better if the secondary would also have that information.

But more importantly, the primary has to store the lease lifetimes for it’s own use for protection against restarts, reboots, and crashes. Keeping the lease lifetime closest to the records they reference is a good principle and so storing them as records along with the records they reference seems not only reasonable, but preferred.

Whether or not they are transferred to the secondary is of secondary importance. But having them treated as regular records has been recommended so having them transferred during AXFR/IXFR will be looked upon with favor.


> On Aug 25, 2018, at 11:11 AM, Ted Lemon <> wrote:
> Right; my question is, is this an operational problem people are having IRL?   If it is, then it makes sense to do something about it.   If it's not, it doesn't.   I've never seen people do what you're describing in practice; that's why I'm asking.   And we definitely agree that there needs to be a cleanup process; the question is, does it have to be done this way.   E.g., if the lease isn't part of the zone, is that actually a problem?   Does the lease need to be part of the zone transfer, or is it enough that the primary has it?   For my part, it seems unnecessary for the secondaries to have it, since they can't update the zone anyway.   As long as the primary remembers that there's a lease, the right thing will happen.
> On Sat, Aug 25, 2018 at 10:30 AM Mark Andrews < <>> wrote:
> It avoids leaving dangling records published longer than necessary.
> Network dies so the machine can’t do the cleanup it was intending.
> Last second cleanup as the lid closes doesn’t get through. 
> It’s relatively easy to implement, no more difficult than resigning for DNSSEC at the cost of a small amount of space.  It also transfers the necessary state to all the slaves allowing them to take over if the master server fails presuming they have the keying material for DNSSEC. 
> -- 
> Mark Andrews
> On 25 Aug 2018, at 22:53, Ted Lemon < <>> wrote:
>> I'm not saying nobody does it.   I'm trying to understand how this helps.
>> On Fri, Aug 24, 2018 at 11:24 PM Mark Andrews < <>> wrote:
>> Ted stop being daft. People have been registering addresses of machines in the public DNS for decades.   SLAAC. Is just one source of addresses. DHCP is another. Come up with a third method and they will do it with it. 
>> Also DHCP servers from ISPs don’t have authority to update DNS servers for my machines. Only those machines have such authority so don’t discount DHCP derived addresses. 
>> -- 
>> Mark Andrews
>> On 25 Aug 2018, at 12:53, Ted Lemon < <>> wrote:
>>> When would that happen?
>>> On Fri, Aug 24, 2018 at 10:52 PM Mark Andrews < <>> wrote:
>>> Registering slaac derived addresses in the DNS.  These are tied to prefix lifetimes. 
>>> -- 
>>> Mark Andrews
>>> On 25 Aug 2018, at 05:02, Tom Pusateri < <>> wrote:
>>>>> On Aug 24, 2018, at 2:59 PM, Ted Lemon < <>> wrote:
>>>>> On Aug 24, 2018, at 2:43 PM, Tom Pusateri < <>> wrote:
>>>>>> It seems odd to take the position that the authoritative server shouldn’t need to clean up stale entries because it assumes the client will do it for you. I can’t imagine you taking this position under any other scenario.
>>>>> The issue here is that this is a pretty major change to the DNS.   If we really want something this heavy, we should have a good reason for wanting it.   That's all.
>>>>> The idea that some unnamed DHCP server somewhere doesn't do the right thing with cleaning up stale entries doesn't seem like a good enough reason, particularly given that the DHCID record tags the thing as having been added by the DHCP server, and considering that there are several open source implementations that do automatically delete records when the lease expires.
>>>>> I think it might make sense to just wait on this.  I agree that it's an interesting idea for completeness, but we don't have enough operational experience yet to know whether we have a problem worth solving.   With respect to the DHCP use case, I'm certain we don't.
>>>>> The good news is that if we do need this, you've done a design, and we also have Paul's design to look at.   So if operational experience a few years down the road shows us that we have a gap here, we can move on it pretty easily. I just don't see any reason to rush into it.
>>>> Ok, great. Hopefully others have some use cases they can share. In the mean time, back to learning Rust…
>>>> Thanks,
>>>> Tom
>>>> _______________________________________________
>>>> DNSOP mailing list
>>>> <>
>>>> <>