Re: [DNSOP] Fundamental ANAME problems

Tim Wicinski <tjw.ietf@gmail.com> Wed, 21 November 2018 12:25 UTC

Return-Path: <tjw.ietf@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 941A412F18C for <dnsop@ietfa.amsl.com>; Wed, 21 Nov 2018 04:25:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bN17y0mZf4rC for <dnsop@ietfa.amsl.com>; Wed, 21 Nov 2018 04:25:28 -0800 (PST)
Received: from mail-it1-x12f.google.com (mail-it1-x12f.google.com [IPv6:2607:f8b0:4864:20::12f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C1E812D4EE for <dnsop@ietf.org>; Wed, 21 Nov 2018 04:25:28 -0800 (PST)
Received: by mail-it1-x12f.google.com with SMTP id g85so8499492ita.3 for <dnsop@ietf.org>; Wed, 21 Nov 2018 04:25:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=PDjv/eMVH0rZcE/H9QtF74eObu561mIBFjERcelg8NM=; b=hpfTpfdhkGbYELRv+nFlZM5G2eR0hdU2I1HngWMIDIiUViJQcc0Z76rP1i1Y6Dn58M WbM2GinDeJ4VQBxVqYOv0agPklmCPc+gw/v2zi/o8y8oeS6+Fi0gRwBlSpx+njW7O8/7 C/XWjhW8KrNNQjMFroLYH0kApyFu1LMBVC1SRpSDb09JgIL1cepu54RcR00mtVnnpm5u SjFo1zdU8yV0y20uC9vYRJWa8MeWde2KC0bUNzBAz4u8L6wAe7OPCOiZJ7RYgpiOaAaM 6HcbmZQGJdqj4eb9FWRFWgdquRvE0T+XC5tReDX/A2OYzFF5w/H6if39R5EI4Q9owcNI +xhg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=PDjv/eMVH0rZcE/H9QtF74eObu561mIBFjERcelg8NM=; b=PF26Mii/NPXpTesQN7+popHTlqsDF+KVavQvyyLxoO4lULmhuJbffYyOb5FHE0ELKl qKHamWdkZmwngZmPoQZO0BA8TrIhPhRxzd4XBS3mhc2/kmFVFHIAwi6hcKr/fj7NlveI H0AYrTaNkd5RgbMKwAViLt7vUVBlrnL00C/H/U0cpAqevujnVYTFJl+i/SP4eZkVZq0x yhJJf+6/T0YcndP8QoQrxze4uw2wUW50wU7Jtnxez0ocigOvBHmqNvgaMEBGL8psa27z cNwlEesWjghNoBf9hrDGp/F5rkjBqfQMsh9ZQ33VAEJix1pWhiSfJRiLjkbpFpE/SxRK jBRQ==
X-Gm-Message-State: AA+aEWYjXv5vn3cSZ3ua8ZORexDUMitrcsuqT0W4FAFDUTagoEkfWMkF 8NR/0oCq9YDqDlNBTD80mdSjxyOd7X+q3WFEYsM=
X-Google-Smtp-Source: AFSGD/URmhHF+HDnjpwMclTN+eqizNcI5D5n+QdXS4FRGXSXifGIbTWEsmnNGuHFsgFLu7ooHmGtbCT0b2U4jGx1e9g=
X-Received: by 2002:a05:660c:510:: with SMTP id d16mr4989771itk.109.1542803127874; Wed, 21 Nov 2018 04:25:27 -0800 (PST)
MIME-Version: 1.0
References: <CAH1iCirXYsYB3sAo8f1Jy-q4meLmQAPSFO-7x5idDufdT_unXQ@mail.gmail.com> <CA+nkc8C6yVT62cW5QP-ec2ZT7FY_n48Ecr=CLeE6FS_1duBO8g@mail.gmail.com> <CAJhMdTOwU88BkukodL_zXcK1=JenExX4HL46Zzbw=+btLbDG2A@mail.gmail.com> <20181103193258.GE20885@besserwisser.org> <3E93AE5D-C8AC-496E-85DB-57E6F8E92DF5@frobbit.se> <00158263-85dd-69ce-5299-13ff4c2411c5@bellis.me.uk> <DCBDB76E-E9E8-4FAE-9EF4-56EABFFA9AD1@frobbit.se> <17c409ef-207a-2e53-3496-d98727ecb71d@bellis.me.uk> <CABrJZ5EWGZcxhxf+VxuRsS+b7eX8cYsLGrHOrVzk_qmoFDKh7A@mail.gmail.com> <6B40705F-3C7A-4E78-BCD0-B4E199C606AA@gmail.com> <96ebed06-3f87-ead3-0e11-73915e575312@gmail.com>
In-Reply-To: <96ebed06-3f87-ead3-0e11-73915e575312@gmail.com>
From: Tim Wicinski <tjw.ietf@gmail.com>
Date: Wed, 21 Nov 2018 07:25:26 -0500
Message-ID: <CADyWQ+FWm23-ocTzR6RjeUEO2E-Y6t83vLcwSac+zQbp94b7Zw@mail.gmail.com>
To: Thomas Peterson <hidinginthebbc@gmail.com>
Cc: dnsop <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006539d4057b2bd8c4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/UZjqRP_UZdi9BHM5OdFI-YTkhTY>
Subject: Re: [DNSOP] Fundamental ANAME problems
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Nov 2018 12:25:30 -0000

Thomas

Thanks for the analysis.   It's a good data point.

And the Nameserver usage is useful - from a quick view of the graph if one
adds Cloudflare + GoDaddy is approx 60% of the nameservers.




On Wed, Nov 21, 2018 at 6:59 AM Thomas Peterson <hidinginthebbc@gmail.com>;
wrote:

> To hopefully awaken and further inform the discussion around the ANAME and
> HTTP draft specifications that have been put forward, I've done some
> further analysis across the Alexa top 1 million domains - my initial
> findings are available at https://thpts.github.io/a_or_cname/ .
>
> A brief summary of what I have found across the entire dataset:
>
> * 51% of www records return an A record
> * 47% of www records return a CNAME
>   * 64% of those point www back to apex (i.e. www.example.com. IN CNAME
> example.com.)
> * 17 www records are DNAME
>
> Any feedback, corrections, and suggestions would be greatly appreciated.
>
> Regards
>
> On Tue, 6 Nov 2018 at 10:22, Thomas Peterson <hidinginthebbc@gmail.com>;
> wrote:
>
>> That may be the case from your own (presumably anecdotal) experience,
>> however I took the Alexa top 1 million websites and queried for A* and
>> CNAME against the www records for the top 10 000 domains. What I found is
>> that approximately 44% returned CNAME records, 56% returning A records.
>>
>>
>>
>> Code is https://gist.github.com/thpts/eb5cec361867170a0ffd6ede136c6649
>> here if anyone wishes to look.
>>
>>
>>
>> Regards
>>
>>
>>
>> * I realise that I could have added AAAA. My presumption is that the top
>> 10k websites are not v6 only and at least have an A record in place.
>>
>>
>>
>> *From: *DNSOP <dnsop-bounces@ietf.org>; on behalf of Olli Vanhoja <
>> olli@zeit.co>;
>> *Date: *Tuesday, 6 November 2018 at 08:24
>> *To: *<dnsop@ietf.org>;
>> *Subject: *Re: [DNSOP] Fundamental ANAME problems
>>
>>
>>
>> In fact if you look at the DNS records some big Internet companies
>>
>> they rarely use CNAMEs for www but instead you'll see an A record, that
>> might
>>
>> be even backed by a proprietary ANAME solution.
>>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>