Re: [DNSOP] I-D Action: draft-ietf-dnsop-avoid-fragmentation-17.txt

Kazunori Fujiwara <fujiwara@jprs.co.jp> Fri, 01 March 2024 03:13 UTC

Dear dnsop WG,

Authors submitted avoid-fragmentation-17 following comments from IESG review.

> Internet-Draft draft-ietf-dnsop-avoid-fragmentation-17.txt is now available.
> It is a work item of the Domain Name System Operations (DNSOP) WG of the IETF.
> 
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-avoid-fragmentation/
> https://author-tools.ietf.org/iddiff?url2=draft-ietf-dnsop-avoid-fragmentation-17

Some recommendations have changed and will be introduced here.
Authors intend to respond within the scope of discussions in the dnsop WG.

R2. Where supported, UDP responders SHOULD set IP "Don't Fragment
    flag (DF) bit" [RFC0791] on IPv4.

   "MAY" was changed to "Where supported," + "SHOULD"

R6. UDP requestors SHOULD drop fragmented DNS/UDP responses without
    IP reassembly to avoid cache poisoning attacks.

   "MAY" was changed to "SHOULD"

R7. DNS responses may be dropped by IP fragmentation. Upon a
    timeout, to avoid resolution failures, UDP requestors SHOULD retry
    using TCP or UDP with a smaller EDNS requestor's maximum UDP payload
    size per local policy. UDP requestors SHOULD observe [RFC8961] in
    setting their timeout.

    "MAY" was changed to "SHOULD".
    However, all recent implementations do some retries.
    The details are left to the implementations.

--
Kazunori Fujiwara, JPRS <fujiwara@jprs.co.jp>
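
The following is an added example, not part of the message above or of the draft: a sketch of the IPv4 header checks behind R2 (DF bit set) and R6 (drop fragmented DNS/UDP responses without reassembly). The function names, the stateless policy of dropping every non-first UDP fragment, and the sample packets are assumptions made for illustration; IPv6 fragment headers are not covered.

```python
import struct

IP_DF, IP_MF, OFFSET_MASK = 0x4000, 0x2000, 0x1FFF
PROTO_UDP, DNS_PORT = 17, 53

def parse_ipv4(packet: bytes) -> dict:
    """Extract the header fields that R2 and R6 depend on."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    flags_off, = struct.unpack_from("!H", packet, 6)
    return {
        "ihl": ihl,
        "proto": packet[9],
        "df": bool(flags_off & IP_DF),             # what R2 asks responders to set
        "mf": bool(flags_off & IP_MF),
        "offset": (flags_off & OFFSET_MASK) * 8,   # field is in 8-byte units
    }

def requestor_verdict(packet: bytes) -> str:
    """R6 as a stateless requestor-side filter (assumed policy): 'drop' or 'accept'."""
    h = parse_ipv4(packet)
    if h["proto"] != PROTO_UDP:
        return "accept"
    if not (h["mf"] or h["offset"] != 0):
        return "accept"                            # whole datagram, not a fragment
    if h["offset"] != 0:
        # Later fragments carry no UDP header, so the source port is unknown.
        return "drop"
    if len(packet) < h["ihl"] + 2:
        return "drop"                              # first fragment too short to read the port
    sport, = struct.unpack_from("!H", packet, h["ihl"])
    return "drop" if sport == DNS_PORT else "accept"

def build_ipv4_udp(flags_off: int, sport: int, with_udp: bool = True) -> bytes:
    """Constructed sample packet; checksums are left zero and never validated."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, flags_off, 64,
                     PROTO_UDP, 0, bytes([192, 0, 2, 53]), bytes([198, 51, 100, 7]))
    udp = struct.pack("!HHHH", sport, 40000, 8, 0) if with_udp else b"\0" * 8
    return ip + udp
```
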