Re: [DNSOP] Any website publishers who use CDNs on the list?

Mark Andrews <marka@isc.org> Wed, 07 November 2018 22:35 UTC

Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7366D1294D7 for <dnsop@ietfa.amsl.com>; Wed, 7 Nov 2018 14:35:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jv9IUBv6vofI for <dnsop@ietfa.amsl.com>; Wed, 7 Nov 2018 14:35:54 -0800 (PST)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88AE91271FF for <dnsop@ietf.org>; Wed, 7 Nov 2018 14:35:54 -0800 (PST)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id E7DD93AB28B; Wed, 7 Nov 2018 22:33:52 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id D47D1160099; Wed, 7 Nov 2018 22:33:52 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id C0EF5160098; Wed, 7 Nov 2018 22:33:52 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id dJQbeAfhTT1p; Wed, 7 Nov 2018 22:33:52 +0000 (UTC)
Received: from [172.30.42.67] (c27-253-115-14.carlnfd2.nsw.optusnet.com.au [27.253.115.14]) by zmx1.isc.org (Postfix) with ESMTPSA id 7AD07160052; Wed, 7 Nov 2018 22:33:50 +0000 (UTC)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Mark Andrews <marka@isc.org>
In-Reply-To: <5BE329C8.8060101@redbarn.org>
Date: Thu, 8 Nov 2018 09:33:47 +1100
Cc: Tony Finch <dot@dotat.at>, Matthew Pounsett <matt@conundrum.com>, dnsop <dnsop@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <3F763222-22E6-460D-90E4-8F9C55B5580F@isc.org>
References: <CCEEBCEF-FE91-49A6-96FE-122A5E025159@isoc.org> <20181102121108.GE12840@besserwisser.org> <20181102211625.GB20885@besserwisser.org> <20181102214114.GA92689@isc.org> <5eb5e946-88e7-59f2-1a7d-1eec3e606b9b@nic.cz> <CAAiTEH8_K=h+A0PqTh785a0tNxWhDg_Uu1UDOWb0QTJyyO2eag@mail.gmail.com> <ed4f4b57-ac02-a983-ae59-db5af9b78b96@nic.cz> <alpine.DEB.2.20.1811071732040.4343@grey.csi.cam.ac.uk> <5BE329C8.8060101@redbarn.org>
To: Paul Vixie <paul@redbarn.org>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/L4uU6K_5tzSLS0wTBGuJeR9_T7s>
Subject: Re: [DNSOP] Any website publishers who use CDNs on the list?
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Nov 2018 22:35:56 -0000


> On 8 Nov 2018, at 5:07 am, Paul Vixie <paul@redbarn.org> wrote:
> 
> 
> 
> Tony Finch wrote:
>> ...
>> 
>> And even if you can get the recursive server addresses, you should still
>> go through the name service switch to deal with names that aren't in the
>> DNS.
> 
> agreed.

For A and AAAA, but not for HTTP, SRV and all the rest as there are no alternative data sources for those values.


>> The custom DNS stub resolvers that I know about (adns, ldns, libevent)
>> reimplement the libc resolver, with their own parsers for /etc/resolv.conf
>> and all the rest.
> 
> dns requests should almost universally go out via the open source "getdns" API (https://getdnsapi.net/) at this point. if your code uses one of the above methods, or getXbyY() in any form, please investigate.

It really doesn’t matter which API you decide to use to lookup HTTP or SRV.  They all get the same data.

> -- 
> P Vixie
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka@isc.org