Re: [DNSOP] ANAME TTL considerations [issue #30 #34]
Matthijs Mekking <matthijs@pletterpet.nl> Fri, 10 May 2019 04:47 UTC
Return-Path: <matthijs@pletterpet.nl>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1661312006E for <dnsop@ietfa.amsl.com>; Thu, 9 May 2019 21:47:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3p682tARWqnc for <dnsop@ietfa.amsl.com>; Thu, 9 May 2019 21:47:18 -0700 (PDT)
Received: from lb1-smtp-cloud9.xs4all.net (lb1-smtp-cloud9.xs4all.net [194.109.24.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A496120048 for <dnsop@ietf.org>; Thu, 9 May 2019 21:47:18 -0700 (PDT)
Received: from [10.196.28.229] ([203.155.148.62]) by smtp-cloud9.xs4all.net with ESMTPA id OxR2hZalwsDWyOxRChagxK; Fri, 10 May 2019 06:47:16 +0200
To: dnsop@ietf.org
References: <5d31cde3-e989-7ef9-dad0-e5a9e6a71988@pletterpet.nl>
From: Matthijs Mekking <matthijs@pletterpet.nl>
Message-ID: <9584af34-02ea-b07d-334c-aa78758c527c@pletterpet.nl>
Date: Fri, 10 May 2019 06:47:03 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <5d31cde3-e989-7ef9-dad0-e5a9e6a71988@pletterpet.nl>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-CMAE-Envelope: MS4wfBTAXa1gSkNtOb5mF3T31PbVx+Szl383vJW8wLq67IQ4V4BA/RajXfBI8ceVJHPDYBYI3lHS397op98zuGIEixiOJ81lBZYRIJYhMKM6fUb2zdksZnO7 wCi0SSfSKpnnVg/9/ZClHtBNMkhiYq1KbcpY9KVDAb1bXsSE4gkR/xpF
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/VJke-vI4VWTix3pRseJzZr2F4ZE>
Subject: Re: [DNSOP] ANAME TTL considerations [issue #30 #34]
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 May 2019 04:47:21 -0000
While this mail has received no reactions on the mailing list, there is some discussion happening on the GitHub repository. The changes that are now scheduled for the new draft related to this topic are: * Define what intermediate records are. * Update the TTL of the final address records to the minimum TTL of the ANAME, intermediate records, and target records (add the initial ANAME too in this step). * Add some words about TTL stretching. * Add an appendix section on ANAME substitution if done inside the name server (for informational purposes). Full diff related to this topic can be found here: https://github.com/each/draft-aname/pull/61/files Best regards, Matthijs On 5/2/19 11:21 AM, Matthijs Mekking wrote: > Hi, > > Another issue that is still open related to ANAME is the TTL > considerations. > > The current draft says that when updating sibling address records > with target address records to reduce the TTL to match the ANAME TTL if > it is greater. > > I propose a change that others have expressed as well, that is the TTL > of the sibling address records should be set to the minimum of the > target address records and its intermediate records in case of CNAME > and/or ANAME chains. > > The logic is that ANAME is likely to be a more static record, while its > target address records are expected to be more dynamic. Therefor it may > make sense to set different TTLs for the different RRsets, meaning we > should not try to match the ANAME TTL and the TTL of the address records. > > This means that when implementing ANAME substitution at the primary, > this will likely stretch the end-to-end TTL (from the authoritative > servers for the target address records to end-user DNS caches) to near > twice the target address record original TTL. > > The suggested change can be found here: > > https://github.com/each/draft-aname/pull/61 > > I will leave this pull request open for a while to solicit feedback, > counter arguments, approvals, ... > > > Best regards, > > Matthijs > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
- [DNSOP] ANAME TTL considerations [issue #30 #34] Matthijs Mekking
- Re: [DNSOP] ANAME TTL considerations [issue #30 #… Matthijs Mekking