Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp-primingexchange-00.txt
Paul Vixie <paul@redbarn.org> Fri, 28 November 2014 07:21 UTC
Return-Path: <paul@redbarn.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48E8C1A1A54 for <dnsop@ietfa.amsl.com>; Thu, 27 Nov 2014 23:21:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QcH630TAXGvD for <dnsop@ietfa.amsl.com>; Thu, 27 Nov 2014 23:21:25 -0800 (PST)
Received: from family.redbarn.org (family.redbarn.org [24.104.150.213]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E54D01A1A52 for <dnsop@ietf.org>; Thu, 27 Nov 2014 23:21:25 -0800 (PST)
Received: from [IPv6:2001:559:8000:cb:38ff:2afa:56e8:aaf3] (unknown [IPv6:2001:559:8000:cb:38ff:2afa:56e8:aaf3]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by family.redbarn.org (Postfix) with ESMTPSA id 211241814B; Fri, 28 Nov 2014 07:21:26 +0000 (UTC)
Message-ID: <54782272.4080903@redbarn.org>
Date: Thu, 27 Nov 2014 23:21:22 -0800
From: Paul Vixie <paul@redbarn.org>
User-Agent: Postbox 3.0.11 (Windows/20140602)
MIME-Version: 1.0
To: Davey Song <songlinjian@gmail.com>
References: <20141126190228.2644.32272.idtracker@ietfa.amsl.com> <CAAObRXJM1Ucu3RtJCZPaw2ss0+ZBXxnDyyUvshuAnqEQYEi2XA@mail.gmail.com> <54768F63.9070509@redbarn.org> <CAAObRXLhG0Wfj2eC=+Xb+jnO0fLbiSAvVJti5VtpGANRyHC22g@mail.gmail.com>
In-Reply-To: <CAAObRXLhG0Wfj2eC=+Xb+jnO0fLbiSAvVJti5VtpGANRyHC22g@mail.gmail.com>
X-Enigmail-Version: 1.2.3
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/XmUTAQp4a_BhnuIW4x3BEWUv_EM
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp-primingexchange-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Nov 2014 07:21:27 -0000
Davey Song wrote: > I try to express the idea: is there any possibility that if we can > breaks the rareness of Root servers. The arguments and disputes will > cease accordingly. Actually this idea is out of the scope of this draft. i think there is an interesting research question here: how many root name servers is too many, and what are the limitations, and what is the optimal number of root name servers? for example, if 13 is good, would 130 (10X) or 1300 (100X) be better? even with 1300 root name servers, the fallback to TCP after TC=1 in a priming query (even with EDNS) would only add one extra round trip over the three that are required to run a TCP query. since priming queries are uncommon, i still don't see why that first round trip is worth avoiding. RDNS servers who perform round trip measurements to each potential name server for each zone cut would have a lot more state to maintain, but that state would not be large by today's standards (DNSSEC signatures have bloated RDNS memory footprints far more, without concern.) however, the systemic complexity of all those RDNS servers performing all those measurements seems like cause for concern. with 1300 root name servers, it would take 1300 referrals for any given RDNS server to learn which root name server was closest to it. unless all 1300 of those servers are widely anycast, then many of those initial 1300 referrals would have suboptimal round trip times. also with that many servers, error theory predicts that some number of them will be unreachable, causing retries that add to the total number of referral events required to locate the closest (by RTT) root server. if 1300 is obviously too many, why? what's the optimal number of root name servers for an RDNS population estimated to be about 40M? does the optimal number change when some share of root name servers are widely anycasted? i share these research questions for four reasons. first, ZDNS and BII are ideally suited to investigate this matter in your test bed. second, there is no evidence at present that "13" is too many or too few root servers. third, this line of thinking is what led to my ICANN ITI proposal involving only two root name server identities, each of which being massively and hierarchically anycasted. fourth, because without an answer to these research questions, it's impossible to evaluate the cost and complexity tradeoff against increased internet resilience from pursuing your "tcp-primingexchange" proposal. -- Paul Vixie
- [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp-pri… Davey Song
- Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp… Paul Vixie
- Re: [DNSOP] I-D Action: draft-song-dnsop-tcp-prim… Paul Hoffman
- Re: [DNSOP] I-D Action: draft-song-dnsop-tcp-prim… Mark Andrews
- Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp… Davey Song
- Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp… Paul Vixie
- Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp… Declan Ma
- Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp… Davey Song
- Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp… Paul Vixie
- Re: [DNSOP] I-D Action: draft-song-dnsop-tcp-prim… Davey Song
- Re: [DNSOP] I-D Action: draft-song-dnsop-tcp-prim… Davey Song
- Re: [DNSOP] I-D Action: draft-song-dnsop-tcp-prim… Paul Hoffman
- Re: [DNSOP] I-D Action: draft-song-dnsop-tcp-prim… Davey Song
- Re: [DNSOP] I-D Action: draft-song-dnsop-tcp-prim… Davey Song
- Re: [DNSOP] Fwd: I-D Action: draft-song-dnsop-tcp… Guangqing Deng