Re: [DNSOP] Fwd: I-D Action: draft-pappas-dnsop-long-ttl-04.txt

Eric Osterweil <eosterweil@verisign.com> Wed, 07 March 2012 23:06 UTC

Hey list,

So far, we have not gotten a huge amount of feedback on this draft (but thank you _very_much_ to those that have responded).  I think we were really hoping that people could take a look at the draft and comment before Paris.  It focuses on how resolvers that query large TLD registries can maintain connectivity during sustained outages at the root (such as from DDoS attacks). While it may seem topical to some, we were hoping that some of the distinctions and practices in this draft would be useful in general (such as the distinction of Infrastructure RR types).

We would all very much appreciate any feedback from the list, thanks!

Eric

On Mar 2, 2012, at 12:56 PM, Eric Osterweil wrote:

> Hey everyone,
> 
> We have resurrected our draft Improving DNS Service Availability by Using Long TTL Values, and added some new polish to it.  We've taken some feedback from various people and would love to hear any thoughts other people have.
> 
> Thanks!
> 
> Eric
> 
> Begin forwarded message:
> 
>> From: internet-drafts@ietf.org
>> Date: February 23, 2012 7:57:30 AM PST
>> To: i-d-announce@ietf.org
>> Subject: I-D Action: draft-pappas-dnsop-long-ttl-04.txt
>> Reply-To: internet-drafts@ietf.org
>> 
>> 
>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>> 
>> 	Title           : Improving DNS Service Availability by Using Long TTL Values
>> 	Author(s)       : Vasileios Pappas
>>                         Eric Osterweil
>> 	Filename        : draft-pappas-dnsop-long-ttl-04.txt
>> 	Pages           : 17
>> 	Date            : 2012-02-23
>> 
>>  Due to the hierarchical tree structure of the Domain Name System
>>  [RFC1034][RFC1035], losing all of the authoritative servers that
>>  serve a zone can disrupt services to not only that zone but all of
>>  its descendants.  This problem is particularly severe if all the
>>  authoritative servers of the root zone, or of a top level domain's
>>  zone, fail.  Although proper placement of secondary servers, as
>>  discussed in [RFC2182], can be an effective means against isolated
>>  failures, it is insufficient to protect the DNS service against a
>>  Distributed Denial of Service (DDoS) attack.  This document proposes
>>  to reduce the impact of DDoS attacks against top level DNS servers by
>>  setting long TTL values for NS records and their associated A and
>>  AAAA records.  Our proposed changes are purely operational and can be
>>  deployed incrementally.
>> 
>> 
>> A URL for this Internet-Draft is:
>> http://www.ietf.org/internet-drafts/draft-pappas-dnsop-long-ttl-04.txt
>> 
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>> 
>> This Internet-Draft can be retrieved at:
>> ftp://ftp.ietf.org/internet-drafts/draft-pappas-dnsop-long-ttl-04.txt