[DNSOP] Review of draft-ietf-dnsop-resolver-priming-04

Hosnieh Rafiee <hosnieh.rafiee@huawei.com> Fri, 12 September 2014 11:27 UTC

From: Hosnieh Rafiee <hosnieh.rafiee@huawei.com>
To: "dnsop@ietf.org" <dnsop@ietf.org>
Date: Fri, 12 Sep 2014 11:27:15 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/RygO7uhX2E_pDazxVRqHGPcQ9eg

Hi,

I reviewed this draft and found it interesting and useful.

Some questions/comments:

Section 3.3 
An IPv6 address is 16 octets (bytes) and an IPv4 address is 4 octets (bytes).

Why is the combination of the 13 root servers' IPv4 and IPv6 addresses 13 * (16 + 28) == 572? What else did you consider in the calculation so that it is 28 octets?

"  particular server that appears at all.  In other words: if the
   additional section only has an A RRSet for a server, the resolver
   SHOULD assume that no AAAA RRSet exists.  This is to avoid repeated
   unnecessary queries for names of name servers that do not or not yet
   offer IPv6 service, or, in perspective, will have ceased IPv4
   service."

When a new DNS server supports IPv6, when is this value updated in the resolver by the algorithm? Is it in the next query? From what I understood from the draft, a node sends a priming query only once per day.

Section 4. 
"  All DNS root name servers need to be able to provide for all
   addresses of all root name servers.  This can easily achieved by
   keeping all root name server names in a single zone and by making all
   root name servers authoritative for that zone."

I am not in DNS operations. But is it really operationally possible (performance or other factors)? I don't know exactly how many root servers are available.

" If the response packet does not provide for more than 512 octets due
   to lack of EDNS0 support, A RRSets SHOULD be given preference over
   AAAA RRSets when filling the additional section."
How does the preference algorithm work? Is the top of the list chosen? Randomly chosen?
What if the chosen server is compromised? (Murphy's law...) (probably it is considered out of scope? because it appears that the algorithm trusts the data received from other sources)



Best,
Hosnieh
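
Added example, not part of the original message or of the draft: the 16- and 28-octet figures asked about under Section 3.3 are the wire sizes of one A and one AAAA record when the owner name is a 2-octet compression pointer (RFC 1035). The sketch below builds a priming response for size accounting only and shows what fits in 512 octets without EDNS0; the names a to m.root-servers.net, the TTL, the all-zero addresses and the per-record A-first fill are assumptions.

```python
import struct

ROOT_NAMES = [f"{c}.root-servers.net." for c in "abcdefghijklm"]  # assumed names
TYPE_NS, TYPE_A, TYPE_AAAA, CLASS_IN = 2, 1, 28, 1

class Message:
    """Minimal DNS wire-format builder with RFC 1035 name compression."""
    def __init__(self):
        self.buf = bytearray(12)   # fixed 12-octet header (counts left zero)
        self.offsets = {}          # name suffix -> offset of its first occurrence

    def name(self, fqdn, at):
        """Encode fqdn as it would appear at message offset `at`."""
        labels = [l for l in fqdn.split(".") if l]
        out = bytearray()
        for i in range(len(labels)):
            suffix = ".".join(labels[i:])
            if suffix in self.offsets:   # 2-octet pointer to the earlier copy
                return bytes(out) + struct.pack("!H", 0xC000 | self.offsets[suffix])
            self.offsets[suffix] = at + len(out)
            out += bytes([len(labels[i])]) + labels[i].encode("ascii")
        return bytes(out) + b"\x00"      # root label terminates the name

    def rr(self, owner, rtype, rdata=b"", rdata_name=None, ttl=3600000):
        """Return one record: owner, TYPE, CLASS, TTL, RDLENGTH, RDATA."""
        start = len(self.buf)
        rec = bytearray(self.name(owner, start))
        rec += struct.pack("!HHIH", rtype, CLASS_IN, ttl, 0)   # 10 fixed octets
        if rdata_name is not None:
            rdata = self.name(rdata_name, start + len(rec))
        rec[-2:] = struct.pack("!H", len(rdata))
        return bytes(rec + rdata)

def priming_response(limit):
    """Return (size, a_count, aaaa_count) for a response capped at `limit` octets."""
    m = Message()
    m.buf += m.name(".", 12) + struct.pack("!HH", TYPE_NS, CLASS_IN)  # question: . IN NS
    for n in ROOT_NAMES:
        m.buf += m.rr(".", TYPE_NS, rdata_name=n)                     # answer section
    counts = {TYPE_A: 0, TYPE_AAAA: 0}
    for rtype, rdlen in ((TYPE_A, 4), (TYPE_AAAA, 16)):   # A records before AAAA
        for n in ROOT_NAMES:
            rec = m.rr(n, rtype, rdata=bytes(rdlen))      # constructed zero address
            if len(m.buf) + len(rec) <= limit:
                m.buf += rec
                counts[rtype] += 1
    return len(m.buf), counts[TYPE_A], counts[TYPE_AAAA]
```

With no size limit the additional section comes to 13 * (16 + 28) = 572 octets on top of 228 octets of header, question and NS records; capped at 512 octets, all 13 A records fit and only two AAAA records follow.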