Re: [DNSOP] [Ext] Starting a -bis document for RFC 8109: Initializing a DNS Resolver with Priming Queries

Brian Dickson <brian.peter.dickson@gmail.com> Tue, 15 September 2020 20:20 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/M53aWauYb8Mm2gRzv7mn8gul0iw>

On Fri, Aug 7, 2020 at 7:20 AM Andrew McConachie <andrew@depht.com> wrote:

>
>
> On 6 Aug 2020, at 16:41, Paul Hoffman wrote:
>
> > On Aug 6, 2020, at 4:08 AM, Andrew McConachie <andrew@depht.com>
> > wrote:
> >>
> >> What does it mean for a resolver to be primed, or for a resolver to
> >> not be primed? For example, is a resolver considered primed only if
> >> it has all root server names and IP addresses? 50%? At least 1?
>
> How about this for the last sentence, “A recursive resolver starts
> with no cached information about the root servers, and finishes with a
> full list of their names and their addresses in its cache.”
>
>
(Sorry for being very late to the party.)

It might be useful to compare the "priming" to the elevation from "glue" to
"authoritative".
I.e., you can use glue information to obtain authoritative data, but you
CANNOT answer a query with data that isn't authoritative, and in particular
cannot promote glue to answers.

Thus, "priming" is about populating a cache with authoritative data, where
the "SBELT" (pre-configured or pre-compiled resolver configuration) is the
equivalent of glue, but technically not glue (weaker than glue).

I believe a canonical priming query/answer would obtain a single
authoritative answer (the NS set for .) and a bunch of glue data (the
A/AAAA records for those names).

It is stronger than the SBELT, and is necessary (but not sufficient) to
obtain an answer for the A or AAAA records of any root-server, and also
necessary for locating the name servers for any TLD (by using the glue info
to select a root server to which to send a TLD query, which would return a
delegation response.)

Apologies for mangling any of the terminology.

Hope this is a little bit useful for improving the -bis doc.

Brian.
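
Added illustration, not part of the message above and not taken from any resolver: a small model of the ranking the message describes (SBELT weaker than glue, glue weaker than authoritative data), showing that a priming response makes the root NS set answerable while the server addresses stay usable only for sending queries. The `Trust` levels, the `Cache` class and the sample response are hypothetical, and the addresses are constructed TEST-NET placeholders.

```python
from enum import IntEnum

class Trust(IntEnum):
    SBELT = 0  # pre-configured hints: weaker than glue
    GLUE = 1   # additional-section data: good only for reaching a server
    AUTH = 2   # answer-section data from a response with AA set

# Constructed priming response (". NS" query); addresses are TEST-NET placeholders.
PRIMING_RESPONSE = {
    "aa": True,
    "answer": [(".", "NS", ["a.root-servers.net.", "b.root-servers.net."])],
    "additional": [("a.root-servers.net.", "A", ["192.0.2.10"]),
                   ("b.root-servers.net.", "A", ["192.0.2.11"])],
}

class Cache:  # hypothetical model, not any real resolver's cache
    def __init__(self, hints):
        self.rr = {(n, "A"): (Trust.SBELT, list(a)) for n, a in hints.items()}

    def store(self, name, rtype, data, trust):
        # Less-trusted data never replaces more-trusted data.
        cur = self.rr.get((name, rtype))
        if cur is not None and trust < cur[0]:
            return False
        self.rr[(name, rtype)] = (trust, list(data))
        return True

    def servers_for_query(self, name):
        # Any trust level is enough to choose where to send a query.
        entry = self.rr.get((name, "A"))
        return entry[1] if entry else []

    def answer(self, name, rtype):
        # Only authoritative data may be handed back to a client.
        entry = self.rr.get((name, rtype))
        return entry[1] if entry and entry[0] == Trust.AUTH else None

    def prime(self, resp):
        if not resp["aa"]:
            return False  # a non-authoritative reply does not prime the cache
        for name, rtype, data in resp["answer"]:
            self.store(name, rtype, data, Trust.AUTH)
        for name, rtype, data in resp["additional"]:
            self.store(name, rtype, data, Trust.GLUE)
        return True

def primed_cache():
    cache = Cache({"a.root-servers.net.": ["192.0.2.1"]})  # constructed SBELT
    cache.prime(PRIMING_RESPONSE)
    return cache
```

Keeping the trust level next to each record is what stops additional-section data in a forged or off-path response from displacing data the resolver already holds at a higher rank.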