[DNSOP] ANAME precedence [issue #58]

Matthijs Mekking <matthijs@pletterpet.nl> Wed, 24 April 2019 09:44 UTC

To: "dnsop@ietf.org" <dnsop@ietf.org>
Message-ID: <87d7d127-20cc-8044-277a-d31b1a546219@pletterpet.nl>
Date: Wed, 24 Apr 2019 11:44:37 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/OY6LkbMTpbppEvsgllZX4YcpMek>
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

Hi,

I would like to start separate threads on the remaining issues of the
ANAME draft. One issue that remains to be solved is whether having an A
or AAAA record next to the ANAME should take precedence or not.

  Draft: https://datatracker.ietf.org/doc/draft-ietf-dnsop-aname/
  Issue: https://github.com/each/draft-aname/issues/58

This was discussed face to face during IETF 101 and at that time the
conclusion was that the correct behavior is that ANAME takes precedence:
If you implement ANAME, the target lookup for A and AAAA will always be
made. If the lookup succeeds, the sibling address records are replaced
with the target address records. If the lookup fails, the sibling
address records remain in the zone.

Jan Včelák mentioned that at least NS1 uses a different order of
priority: If a sibling address record exists next to the ANAME it takes
precedence and no target lookup is done for that address record type.

In order to provide identical behavior between providers (make ANAME
work in the multi-provider model) we should agree on the priority order.

To me, it makes much more sense to use the sibling address record as a
default, and the ANAME target lookup can replace the sibling address
records. The target address records will improve the answer.

If you place an override, adding an address record next to ANAME, you
can achieve the same thing by not placing the ANAME record in your zone
at all.

But when the sibling address records take precedence, it has the
property that you can set up ANAME for only one address type, for
example ANAME for A but not for AAAA. I would like to know if there is a
good use case for having this property.

I would like to hear an opinion from the working group (preferably from
ANAME providers). Specifically do you have a preference of priority
order? Do you think having the "set up ANAME for one address type"
property is worth having?


Thanks,

Matthijs
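
Added example, not part of the original message or of the draft: a small Python model of the two priority orders described above, with a stub standing in for the real ANAME target lookup. The function names, the zone data and the addresses (documentation ranges) are constructed for illustration, and a lookup that returns None is assumed to model a failed lookup.

```python
# Added illustration; all names and sample data are constructed.
from typing import Dict, List, Optional, Tuple

ADDRESS_TYPES = ("A", "AAAA")
Records = Dict[str, List[str]]
Targets = Dict[Tuple[str, str], List[str]]

# Constructed answers for the ANAME target (documentation address ranges).
SAMPLE_TARGETS: Targets = {
    ("cdn.example.net", "A"): ["198.51.100.7"],
    ("cdn.example.net", "AAAA"): ["2001:db8::7"],
}

def make_lookup(targets: Targets):
    """Stub target lookup that records every query it is asked to make."""
    def lookup(name: str, rtype: str) -> Optional[List[str]]:
        lookup.queries.append((name, rtype))
        return targets.get((name, rtype))  # None models a failed lookup
    lookup.queries = []
    return lookup

def aname_first(siblings: Records, target: str, lookup) -> Records:
    """ANAME takes precedence: always look up the target; replace the
    siblings on success, keep them when the lookup fails."""
    out = {}
    for rtype in ADDRESS_TYPES:
        found = lookup(target, rtype)
        out[rtype] = found if found is not None else list(siblings.get(rtype, []))
    return out

def sibling_first(siblings: Records, target: str, lookup) -> Records:
    """Sibling takes precedence: an existing sibling record is served and
    no target lookup is made for that address type."""
    out = {}
    for rtype in ADDRESS_TYPES:
        if siblings.get(rtype):
            out[rtype] = list(siblings[rtype])
        else:
            out[rtype] = lookup(target, rtype) or []
    return out

def compare(siblings: Records, target: str, targets: Targets):
    """Run both orders on the same zone data; return (answer, queries made)."""
    result = {}
    for policy in (aname_first, sibling_first):
        lookup = make_lookup(targets)
        result[policy.__name__] = (policy(siblings, target, lookup), lookup.queries)
    return result
```

With a sibling A record and no sibling AAAA, `compare({"A": ["192.0.2.10"]}, "cdn.example.net", SAMPLE_TARGETS)` returns different A answers for the two orders, which is the multi-provider inconsistency the message raises; the sibling-first run also makes no A query to the target.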