[DNSOP] 答复: Call for Adoption: draft-song-atr-large-resp
Davey Song(宋林健) <ljsong@biigroup.cn> Tue, 22 January 2019 08:50 UTC
Return-Path: <ljsong@biigroup.cn>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46AB8124BAA for <dnsop@ietfa.amsl.com>; Tue, 22 Jan 2019 00:50:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 3.348
X-Spam-Level: ***
X-Spam-Status: No, score=3.348 tagged_above=-999 required=5 tests=[BAYES_50=0.8, FROM_EXCESS_BASE64=0.979, GB_PHARMACY=1, INVALID_MSGID=0.568, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xJgaNJIzVyu7 for <dnsop@ietfa.amsl.com>; Tue, 22 Jan 2019 00:50:24 -0800 (PST)
Received: from smtpbguseast2.qq.com (smtpbguseast2.qq.com [54.204.34.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98407128BCC for <dnsop@ietf.org>; Tue, 22 Jan 2019 00:50:23 -0800 (PST)
X-QQ-mid: bizesmtp12t1548147014tzgin9vy
Received: from sljpc (unknown [121.69.40.130]) by esmtp6.qq.com (ESMTP) with id ; Tue, 22 Jan 2019 16:50:13 +0800 (CST)
X-QQ-SSF: 00400000002000Q0ZLF0000B0000000
X-QQ-FEAT: tHZj8EofyIXWXef1sXiXKRU00jccZawsA0JKfp+e3iLlIwU0s9/Ogt3+qm8jz 4Zqi2YQz+0kTI06cOoFkw23lRNrY2+hhLQ5xIlo+YqtxKvMBZC+IzqgXtsGulREJ518tkzo oilQSGxqBJRiqCp6vEUFDPm+pjmD0p2oVjmBtnibSIJepG0PDuZd1pQZmD6TIZXPvqebcEL ezwlV53dOLB8IE1bDSjIg1iPNNJ+DtfptkDO3kjkmiG/eZ3aeCKUzJBBsjWwAWAAfebE52M eXt9omuubSAKwD5z1rFtMjFAEJ4WRAt7qfFNEMmyJ8pqIloqJtJV2WgDBmh/tQnlphXw==
X-QQ-GoodBg: 2
From: "Davey Song(宋林健)" <ljsong@biigroup.cn>
To: 'Petr Špaček' <petr.spacek@nic.cz>, peter.van.dijk@powerdns.com, dns@fl1ger.de
Cc: dnsop@ietf.org
References: <BCACF554-8BE6-49BC-B75A-BCED776F5189@NLnetLabs.nl> <4A75C4E3-F74F-46DB-9A8A-879C0BB79190@powerdns.com> <52CC68F4-231A-4002-A615-12F2F044342E@isc.org> <533234C8-A97C-4AA3-8395-0708909444B0@rfc1035.com> <595ae5ba-d92c-5d4d-d62b-293a343bf69b@nic.cz>
In-Reply-To: <595ae5ba-d92c-5d4d-d62b-293a343bf69b@nic.cz>
Date: Tue, 22 Jan 2019 16:50:18 +0800
Message-ID: <000301d4b22f$80f5dab0$82e19010$@cn>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AdSxdptHHgnDTczpRNWUIvVR1MLdRgAo/NiQ
Content-Language: zh-cn
X-QQ-SENDSIZE: 520
Feedback-ID: bizesmtp:biigroup.cn:qybgforeign:qybgforeign1
X-QQ-Bgrelay: 1
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/L2epzkdQaqelVMQeJ7VpNNhMXVM>
Subject: [DNSOP] 答复: Call for Adoption: draft-song-atr-large-resp
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jan 2019 08:50:30 -0000
Thanks for all commenter's, I appreciate your frankness and vote based on your technical sense. I understand your push back especially considering the DNS camel stuff. I try to reply some of comments here. Some people argues on the problem statement of this draft. > Peter: Meanwhile, we have no indication that the draft solves any existing real world problem in a useful way. > Petr Špaček : Solving rare operational problem with a huge and ugly hack is no-go territory for Knot Resolver project. It is not rare. It is just under the water. You cannot run a ship unaware of it, especially towards IPv6-only future. Here are some pointer and number are given: [1] presents a 28.26% ~ 55.23% packets drop rate for IPv6 fragements. [2] reports 10% of the paths between the vantage points and the experimental setup filter IP fragments. [3] reports 37.45% of endpoints used IPv6-capable DNS resolvers that were incapable of receiving a fragmented IPv6 response. [4] Yeti testbed also observed over 7% failure rate for queries against IPv6-only server during KSK rollover using 100 probes. [5] is a IETF workgroup document of this problem. It is **not** a rare operational problem. > Ralf Weber: Having one v6 name server that will respond correct with fragments also solves the problem. I think the problem space is to narrow to burden this problem on all resolvers. Now 389 of v6 tld server including .org reply with large packets, please check [Appendix]. I'm not sure how they can respond correct currently when they need to add more content in answer section. I'm told that a few large DNS operator using certain DNSSEC tool generating a large DNSKEY RRset and RRSIG RRset. > [Most importantly we need to get an explanation why Geoff's experiments > show problems but clients can in practice resolve org. DNSKEY just fine.] Network operation issues are hidden from the sense of application layer. The impact introduced by IPv6 fragments dropping is hidden by different layer of redundancy. From users perspective, dualstack applications run Happy eyeballs willl hide IPv6 networking issues from themselves and network operator. From DNS perspective, resolvers can retry, mostly likely fallback to TCP , without TCP they finally fallback to IPv4 to deliver AAAA record ! If we leave this issue along, I bet the dual-stack period will last much longer than expect. There is a separate thread in ORAC mailing list on " How .org name server handle large DNS response?". I'm looking forward to the response from org. DNS people. I expect some data and analysis not only emotion. I'm wondering there is difference in the query pattern (in terms of UDP/TCP ratio, IPv4/IPv6 ratio etc. ) between small response and large response . [1] RFC7872, Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World, https://tools.ietf.org/html/rfc7872 [2] De Boer, M. and J. Bosma, "Discovering Path MTU black holes on the Internet using RIPE Atlas", July 2012, <http://www.nlnetlabs.nl/downloads/publications/pmtu-black-holes-msc-thesis.pdf>. [3] APNIC measurement study, https://blog.apnic.net/2017/08/22/dealing-ipv6-fragmentation-dns/ [4] RFC8483 Yeti DNS testbed https://tools.ietf.org/html/rfc8483 [5] IP Fragmentation Considered Fragile, https://tools.ietf.org/html/draft-ietf-intarea-frag-fragile-04 [Appendix] 389 TLD's response for dnsky with RRSIG larger than 1500 (msg size + 48) #####389 TLD's response packet for dnsky with RRSIG are larger than 1500 (msg size + 48) ######## sl. 3319 bg. 3103 mm. 3063 si. 2739 xn--mgbx4cd0ab. 2511 za. 2455 best. 2053 kred. 2053 ceo. 2051 americanexpress. 2006 bananarepublic. 2003 weatherchannel. 2003 hiv. 1994 inc. 1994 xn--kpu716f. 1994 xn--pbt977c. 1994 swiftcover. 1991 analytics. 1988 homegoods. 1988 homesense. 1988 honeywell. 1988 marshalls. 1988 statefarm. 1988 country. 1987 discover. 1985 jpmorgan. 1985 athleta. 1982 banamex. 1982 booking. 1982 cartier. 1982 chintai. 1982 citadel. 1982 farmers. 1982 ferrero. 1982 lincoln. 1982 oldnavy. 1982 watches. 1982 weather. 1982 winners. 1982 dupont. 1979 flickr. 1979 intuit. 1979 kinder. 1979 mutual. 1979 office. 1979 piaget. 1979 rocher. 1979 tjmaxx. 1979 tkmaxx. 1979 yandex. 1979 chase. 1976 cisco. 1976 gucci. 1976 hyatt. 1976 intel. 1976 lilly. 1976 praxi. 1976 skype. 1976 yahoo. 1976 zippo. 1976 amex. 1973 citi. 1973 dell. 1973 duns. 1973 ford. 1973 hsbc. 1973 ieee. 1973 kpmg. 1973 mint. 1973 open. 1973 ping. 1973 teva. 1973 vivo. 1973 aaa. 1970 cbn. 1970 fox. 1970 ftr. 1970 gap. 1970 jmp. 1970 jnj. 1970 mlb. 1970 nfl. 1970 qvc. 1970 sas. 1970 tdk. 1970 tjx. 1970 gdn. 1954 ar. 1951 uy. 1951 buy. 1916 xn--bck1b9a5dre4c. 1864 xn--eckvdtc9d. 1852 xn--gckr3f0f. 1849 xn--1ck2e1b. 1846 xn--cck2b3b. 1846 xn--fct429k. 1846 xn--g2xx48c. 1846 xn--gk3at1e. 1846 xn--jvr189m. 1846 xn--rovu88b. 1846 accountant. 1843 baseball. 1837 download. 1837 grainger. 1837 pharmacy. 1837 audible. 1834 cricket. 1834 science. 1834 wanggou. 1834 whoswho. 1834 yamaxun. 1834 author. 1831 circle. 1831 coupon. 1831 dealer. 1831 health. 1831 hotels. 1831 kindle. 1831 racing. 1831 review. 1831 safety. 1831 secure. 1831 stream. 1831 taipei. 1831 vuelos. 1831 webcam. 1831 zappos. 1831 bible. 1828 earth. 1828 faith. 1828 osaka. 1828 party. 1828 prime. 1828 smile. 1828 trade. 1828 tunes. 1828 tushu. 1828 able. 1825 baby. 1825 book. 1825 buzz. 1825 call. 1825 date. 1825 deal. 1825 fast. 1825 fire. 1825 free. 1825 imdb. 1825 like. 1825 loan. 1825 qpon. 1825 read. 1825 room. 1825 safe. 1825 save. 1825 silk. 1825 song. 1825 spot. 1825 talk. 1825 tube. 1825 zero. 1825 aws. 1822 bid. 1822 bot. 1822 got. 1822 hot. 1822 jot. 1822 joy. 1822 moe. 1822 moi. 1822 now. 1822 nyc. 1822 pay. 1822 pin. 1822 uno. 1822 win. 1822 wow. 1822 you. 1822 ma. 1769 blackfriday. 1762 christmas. 1756 property. 1753 flowers. 1750 guitars. 1750 hosting. 1750 hiphop. 1747 juegos. 1747 tattoo. 1747 audio. 1744 click. 1744 photo. 1744 auto. 1741 cars. 1741 diet. 1741 game. 1741 gift. 1741 help. 1741 link. 1741 pics. 1741 sexy. 1741 car. 1738 lol. 1738 mom. 1738 ky. 1735 xn--mgbai9azgqp6j. 1720 firmdale. 1693 travelersinsurance. 1685 xn--mgbt3dhd. 1681 xn--fzys8d69uvgm. 1677 xn--i1b6b1a6a2e. 1673 xn--nqv7fs00ema. 1673 nowruz. 1669 xn--b4w605ferd. 1669 xn--jlq61u9w7b. 1669 pars. 1665 shia. 1665 wolterskluwer. 1665 tci. 1663 scholarships. 1661 creditunion. 1657 lamborghini. 1657 motorcycles. 1657 progressive. 1657 redumbrella. 1657 xn--6frz82g. 1657 xn--9krt00a. 1657 xn--estv75g. 1657 bnpparibas. 1653 boehringer. 1653 extraspace. 1653 schaeffler. 1653 volkswagen. 1653 xn--4gbrim. 1653 xn--5tzm5g. 1653 xn--kput3i. 1653 homedepot. 1649 richardli. 1649 statebank. 1649 stockholm. 1649 travelers. 1649 xn--c1avg. 1649 xn--nqv7f. 1649 cipriani. 1645 clinique. 1645 goodyear. 1645 hdfcbank. 1645 helsinki. 1645 istanbul. 1645 marriott. 1645 redstone. 1645 agakhan. 1641 alibaba. 1641 avianca. 1641 bugatti. 1641 ismaili. 1641 lasalle. 1641 metlife. 1641 organic. 1641 origins. 1641 shiksha. 1641 shriram. 1641 temasek. 1641 abbott. 1637 abbvie. 1637 active. 1637 alipay. 1637 dunlop. 1637 emerck. 1637 gallup. 1637 global. 1637 hermes. 1637 imamat. 1637 kosher. 1637 locker. 1637 mormon. 1637 natura. 1637 viking. 1637 yachts. 1637 adult. 1633 autos. 1633 black. 1633 boats. 1633 dabur. 1633 delta. 1633 edeka. 1633 green. 1633 homes. 1633 lamer. 1633 lotto. 1633 nokia. 1633 nowtv. 1633 poker. 1633 promo. 1633 stada. 1633 vegas. 1633 weibo. 1633 akdn. 1629 ally. 1629 asia. 1629 audi. 1629 blue. 1629 cern. 1629 cyou. 1629 fage. 1629 icbc. 1629 info. 1629 lgbt. 1629 ltda. 1629 ollo. 1629 pccw. 1629 pink. 1629 porn. 1629 post. 1629 rich. 1629 shaw. 1629 sina. 1629 star. 1629 vote. 1629 voto. 1629 zara. 1629 aco. 1625 bcg. 1625 bet. 1625 bnl. 1625 ceb. 1625 dot. 1625 dtv. 1625 gea. 1625 hkt. 1625 ist. 1625 itv. 1625 jcp. 1625 jll. 1625 kim. 1625 lds. 1625 ngo. 1625 nra. 1625 ong. 1625 onl. 1625 org. 1625 ott. 1625 pet. 1625 pwc. 1625 red. 1625 sbi. 1625 sew. 1625 sex. 1625 srl. 1625 thd. 1625 trv. 1625 tvs. 1625 ups. 1625 vig. 1625 xin. 1625 xxx. 1625 ag. 1621 bz. 1621 gi. 1621 lc. 1621 me. 1621 mn. 1621 sc. 1621 cancerresearch. 1585 barclaycard. 1573 barclays. 1561 luxury. 1553 monash. 1553 physio. 1553 build. 1549 tel. 1546 doha. 1545 menu. 1545 ibm. 1541 men. 1541 mtn. 1541 one. 1541 wtc. 1541 au. 1537 xn--fiqs8s. 1505 xn--fiqz9s. 1505 icu. 1479 capetown. 1477 hyundai. 1474 cn. 1473 durban. 1473 joburg. 1473 sharp. 1468 kiwi. 1465 kia. 1462 Best regards, Davey
- [DNSOP] Call for Adoption: draft-song-atr-large-r… Benno Overeinder
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Peter van Dijk
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Ondřej Surý
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Jim Reid
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Ralf Weber
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Petr Špaček
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… John Dickinson
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Ralph Dolmans
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Paul Vixie
- [DNSOP] 答复: Call for Adoption: draft-song-atr-lar… Davey Song (宋林健)
- Re: [DNSOP] 答复: Call for Adoption: draft-song-atr… Ralf Weber
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Tony Finch
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… 神明達哉
- Re: [DNSOP] 答复: Call for Adoption: draft-song-atr… Brian Dickson
- [DNSOP] 答复: 答复: Call for Adoption: draft-song-atr… Davey Song (宋林健)
- Re: [DNSOP] 答复: Call for Adoption: draft-song-atr… Brian Dickson
- Re: [DNSOP] 答复: 答复: Call for Adoption: draft-song… Tony Finch
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Mukund Sivaraman
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Peter van Dijk
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Paul Vixie
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Mukund Sivaraman
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… 神明達哉
- Re: [DNSOP] Call for Adoption: draft-song-atr-lar… Benno Overeinder
- [DNSOP] 答复: Call for Adoption: draft-song-atr-lar… Davey Song (宋林健)