[DNSOP] Re: draft-fujiwara-dnsop-dns-upper-limit-values

Philip Homburg <pch-dnsop-5@u-1.phicoh.com> Fri, 12 July 2024 08:47 UTC

Message-Id: <m1sSBvZ-0000MiC@stereo.hq.phicoh.net>
To: dnsop@ietf.org
From: Philip Homburg <pch-dnsop-5@u-1.phicoh.com>
Sender: pch-b538D2F77@u-1.phicoh.com
References: <20240709.190627.2171739541556622717.fujiwara@jprs.co.jp> <Zo6hcN0CinxiOqWr@w2> <e88ddd61-b2c8-40f5-8232-b49687b6064f@nlnetlabs.nl> <Zo60cZq1ncepOJXZ@w2> <m1sRndp-0000M5C@stereo.hq.phicoh.net> <Zo-J6FYQ8NurOqdb@w2> <m1sRoOO-0000MjC@stereo.hq.phicoh.net> <Zo-WqL93n8qs3JBq@w2>
In-reply-to: Your message of "Thu, 11 Jul 2024 16:24:08 +0800 ." <Zo-WqL93n8qs3JBq@w2>
Date: Fri, 12 Jul 2024 10:46:53 +0200
CC: Mukund Sivaraman <muks@mukund.org>
Subject: [DNSOP] Re: draft-fujiwara-dnsop-dns-upper-limit-values
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/QAF3Q7aQY6r3QbYyEnt2CROudRU>

>I feel that prescribing limits will make DNS inflexible for use-cases
>that we in our current generation have not imagined. The fact that
>DNS today is malleable is because RFC 1034/35 were very open-ended and
>not rigid.

There are roughly three different types of limits:
1) Hard limits in software
2) Default values for limits in software
3) Values set by operators of DNS software

1) is not a big problem for sensible software. When a request comes in
from a customer it is likely that within the technical possibilities a
vendor will try to meet it. Obviously there will also be broken software,
but nothing we can do can change that.
2) This is an issue for popular software. If a zone exceeds the limits in the
default configuration of popular software then that zone will experience
failure. The users of the software can change the value, but not everybody
does that.
3) Independent of what defaults are used in software, operators can set
their own limits. If a zone exceeds the limits set by a popular operator then
the zone will have a problem.

Software has defaults, operators set limits. For anything you want to
use on the internet today, you have to stay within those limits. Those
limits are not documented, so anything can break at any time.

So we have flexibility in the specification at the cost of uncertainty in
operation.