Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-not-optional-03.txt
John Levine <johnl@taugh.com> Fri, 07 January 2022 00:36 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 087C73A0BA0 for <dnsop@ietfa.amsl.com>; Thu, 6 Jan 2022 16:36:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.85
X-Spam-Level:
X-Spam-Status: No, score=-1.85 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=vXByPG4A; dkim=pass (2048-bit key) header.d=taugh.com header.b=VAFXPofK
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b0_ZA9YpNROJ for <dnsop@ietfa.amsl.com>; Thu, 6 Jan 2022 16:35:58 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 007FC3A0B9C for <dnsop@ietf.org>; Thu, 6 Jan 2022 16:35:57 -0800 (PST)
Received: (qmail 15203 invoked from network); 7 Jan 2022 00:35:56 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=3b61.61d78aec.k2201; bh=qW0qrEjDRqkAA5324tgyJnA+xz/D67LlXMREyNTOWlQ=; b=vXByPG4Ag9KB0KivusempXFY1/9wAzTysGj1hMGxfRe2UufqKDVRi9QTsrArI7m4NuhI6ixrxPZylkwobZF1nxlP7BjZuuXG6FcIDlKCEm5V3a/yTiJXqr6tDP42R4uUXn5xWnKHnaMXZD/r/PaE676YJ20eMDKCz1jQuexW2ZwV6JFgPcuOOxNX3BYYM1ZQT9pFLsguo9bIPm81kBFWIrPFpDuR0IvDzgJn+lkwVTWMnquQRaMoVbau/+7JFktJqi6fefbAWTzi2Y8VLHIDMqR8mgdRDVFeVxwNDZq0CESKKNbcPobo/xi0Vtp3CKu8R5IGgegrllz0jboZ6akMBA==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=3b61.61d78aec.k2201; bh=qW0qrEjDRqkAA5324tgyJnA+xz/D67LlXMREyNTOWlQ=; b=VAFXPofKmXTLySyjILq7A0BBh0BToBXgTEkdGlqdYOrKVNhqucf0PUBTG8cekn/r5JfbKl7phAom0djBfZVZS+PqPrWA1mjglsnlbcbk1Msar/4O6G9YqMHmZj9pcU/VuCzaPOhQpsPghlAS1GAo5Luo23cjLenrV3P08qm0vPYEAf8/xc/9KgQinEWXp/wD2649W+k1dzMlYwKTRRJDdgYHOhHuw2562MPUMtUMgd2AgIwaKNZRME6IMwMXw1fe9ifOAfibFyzJatYOFMVQ9r9y+Yk2Hm4wOtgZCBq+0UgfoBvLSLgW5vTb+LSNMvyxJQ35WE5bwDLcL28drYmd5w==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 07 Jan 2022 00:35:55 -0000
Received: by ary.qy (Postfix, from userid 501) id 4F1FA345BF14; Thu, 6 Jan 2022 19:35:55 -0500 (EST)
Date: Thu, 06 Jan 2022 19:35:55 -0500
Message-Id: <20220107003555.4F1FA345BF14@ary.qy>
From: John Levine <johnl@taugh.com>
To: dnsop@ietf.org
Cc: dwessels@verisign.com
In-Reply-To: <0636E345-17D6-4897-8671-555B991EA4C5@verisign.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Lj3vGDUcTWfXdeenb2rsYYVs_8o>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-not-optional-03.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jan 2022 00:36:05 -0000
It appears that Wessels, Duane <dwessels@verisign.com> said: >In order to make progress on the glue-is-not-optional draft, we need the working group to reach consensus on the requirement level >for sibling glue (MUST, SHOULD, or MAY). > >The only situation in which a failure to include sibling glue leads to a resolution failure is when there is a sibling glue cyclic >dependency. e.g.: > > bar.test. 86400 IN NS ns1.foo.test. > bar.test. 86400 IN NS ns2.foo.test. > > foo.test. 86400 IN NS ns1.bar.test. > foo.test. 86400 IN NS ns2.bar.test. > >A few months back I analyzed the zone files available to me via CZDS for sibling glue. Out of some 209,000,000 total delegations, >222 of them had only sibling NS records in a cyclic dependency as above. The domains ADOBE.NET and OMTRDC.NET is one real-world >example. Looks to me like they're just broken: $ dig @a.gtld-servers.net. adobe.net ns ;; QUESTION SECTION: ;adobe.net. IN NS ;; AUTHORITY SECTION: adobe.net. 172800 IN NS ns1.omtrdc.net. adobe.net. 172800 IN NS ns2.omtrdc.net. ;; ADDITIONAL SECTION: ns1.omtrdc.net. 172800 IN A 66.235.157.6 ns2.omtrdc.net. 172800 IN A 66.235.157.7 $ dig @ns1.omtrdc.net. adobe.net. ns ;; QUESTION SECTION: ;adobe.net. IN NS ;; ANSWER SECTION: adobe.net. 900 IN NS ns-1.adobe.net. adobe.net. 900 IN NS ns-2.adobe.net. ;; ADDITIONAL SECTION: ns-1.adobe.net. 900 IN A 66.235.157.6 ns-2.adobe.net. 900 IN A 66.235.157.7 (Note that they're the same servers with different names.) I'm not sure how you'd do this, but do you have any idea how many domains have NS cycles across parallel zones that don't work, e.g.: foo.tld1. IN NS ns1.bar.tld2 bar.tld2. IN NS ns2.foo.tld1. R's, John PS: My preference is still "don't do that." -- Regards, John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly
- [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-not-… internet-drafts
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… John Levine
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… George Michaelson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Paul Vixie
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Paul Wouters
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… John Levine
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Paul Vixie
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Hugo Salgado