Re: [DNSOP] HTTP dns-alt-svc draft
Shumon Huque <shuque@gmail.com> Sat, 23 June 2018 17:57 UTC
Return-Path: <shuque@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E500313100D for <dnsop@ietfa.amsl.com>; Sat, 23 Jun 2018 10:57:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, WEIRD_PORT=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yp5cKAt64sA5 for <dnsop@ietfa.amsl.com>; Sat, 23 Jun 2018 10:57:00 -0700 (PDT)
Received: from mail-yb0-x231.google.com (mail-yb0-x231.google.com [IPv6:2607:f8b0:4002:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21D59130EF5 for <dnsop@ietf.org>; Sat, 23 Jun 2018 10:57:00 -0700 (PDT)
Received: by mail-yb0-x231.google.com with SMTP id f12-v6so132590ybp.5 for <dnsop@ietf.org>; Sat, 23 Jun 2018 10:57:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=NKOZDRFGRrqelxsfxTiTYN4rCzxD5JDa9RYyWT0OQ9k=; b=FpqOrwIH1rYUibQjnR2dvzFS3oJrVjJOemGTG8sCLEu1Io93v5vDMRIwYwDsaQpl+L ySQK9uXVY9yzRuhIlY+mLWlfXQV2frfrW/Pz3Qm3BWjAlxtXDgT7vR+1SCsQzLUIULTY rFVCEe91G9iRoh1d90jZTC0JdjLHAmmOo5FvYuR4nd+4nHSPWTbSUQAVvGYXiyRqnSoQ /B2XXaSRYj5LR7DiISFJAD4P/RESwotq6Nu5EukstZL3tGKzngZg74mBb+dQ99vY57Vg do2/HSWCke1X0FvJkUuA6raJir9fu/AGj/rGOSyEHYzEErCQ/pLaOuLjYyMVYKCeDv6Q NWhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=NKOZDRFGRrqelxsfxTiTYN4rCzxD5JDa9RYyWT0OQ9k=; b=SWitnAmffPWI6BRdXsGfHBgJNypsxN5K2oUC0lD1FbqP5PyghWMeTk/wsWnOibzFaX xUepvcZAIEoTkg0NU/A18vpbvgx0HZsTunVRwPq2TQvgyDroCUUKKJtKSHFxm6V4I3mc n5YMVFEP2W1ipm76384iYPGJeFZrtL02NxUJdPcvVAHHYen7xyW9qe1ih9e2t3DopnxI pcxtFrmtZprO9E1stpZUP1OCHzw2c1npk7LwUZuFdRQvODsqMhZ1IY1Qu1B4V48AltpQ gre96MKVRoLFzNGGbE7qjPB/nHe8H9JE0QDiS7NmywB+XsNBJueNpPmZEoxbxGDHCB4g RXQw==
X-Gm-Message-State: APt69E2k9HIokODx4flxE7OcpMHL3VQWd78uXfRYfBaXzDbfdSd5Jegl G2+d1dn7F4QUk9TFn/clyQzoIYlSNoXsv8z0qTM=
X-Google-Smtp-Source: ADUXVKLEf+O+ZxbWfO15hUMi59TZtLrawNcqt1QC4x7yy+qPEgMGuAA0cI5pHfgOmtyYafCbPCguKw9W8JFaG4A5WHk=
X-Received: by 2002:a25:1289:: with SMTP id 131-v6mr3310681ybs.171.1529776619422; Sat, 23 Jun 2018 10:56:59 -0700 (PDT)
MIME-Version: 1.0
References: <CAHPuVdU6XO6uhxDZpP59FUS6P5L+uG6PHvrr8gd8xDojzavqiw@mail.gmail.com> <CAHPuVdXGtLN0MU8Vnorita+-9PX6507xyiQvWjmP6AJAJqc5Rg@mail.gmail.com> <CAHbrMsC495qHBvq5p1_M4_7uE9Oe4aj6VfjeHpA2h9TBwO90pQ@mail.gmail.com>
In-Reply-To: <CAHbrMsC495qHBvq5p1_M4_7uE9Oe4aj6VfjeHpA2h9TBwO90pQ@mail.gmail.com>
From: Shumon Huque <shuque@gmail.com>
Date: Sat, 23 Jun 2018 13:56:48 -0400
Message-ID: <CAHPuVdUun=vu1mjOsrwFQOcUSixcAB4YaYWeRNkKGgjXL4s=_g@mail.gmail.com>
To: bemasc@google.com
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000fc8798056f52df03"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/anguE90AcQrHcKmFqziun7l9qxE>
Subject: Re: [DNSOP] HTTP dns-alt-svc draft
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jun 2018 17:57:04 -0000
On Sat, Jun 23, 2018 at 1:23 PM Ben Schwartz <bemasc@google.com> wrote: > On Sat, Jun 23, 2018 at 6:51 AM Shumon Huque <shuque@gmail.com> wrote: > >> On Sat, Jun 23, 2018 at 12:00 AM Shumon Huque <shuque@gmail.com> wrote: >> >>> In other threads, Erik Nygren suggested that we review the proposed >>> DNS record for HTTP Alternative Services draft: >>> >>> https://tools.ietf.org/html/draft-schwartz-httpbis-dns-alt-svc-02 >>> (You might also want to read RFC7838 for background). >>> >> >> Another comment on this draft: >> >> I noticed that RFC7838 says: >> >> The Alt-Svc field value can have multiple values: >> >> Alt-Svc: h2="alt.example.com:8000", h2=":443" >> >> So, presumably my example in the last message was not quite correct >> for representing multiple target hosts for the service: >> >> Instead of: >> >> _443._https.example.com. 900 IN ALTSVC "h2=\"cdn1.example.org:443\"" >> _443._https.example.com. 900 IN ALTSVC "h2=\"cdn2.example.org:8443\"" >> >> It probably is: >> >> _443._https.example.com. 900 IN ALTSVC "h2=\"cdn1.example.org:443\", >> h2=\"cdn2.example.org:443\"" >> >> >> It also says: >> >> When multiple values are present, the order of the values reflects >> the server's preference (with the first value being the most >> preferred alternative). >> >> The preference order of the values does not permit load balancing. >> So, if a site wants to do load balancing, as many do today, I assume >> they would have to employ only one target hostname, with multiple address >> records, >> > > It seems to me that a site could publish multiple ALTSVC RRs, each of > which could contain multiple targets. > Thanks. I agree that it could - it just wasn't clear to me if the spec intended to prohibit it or not. If RFC7838 permits only one ALTSVC field in the HTTP header or HTTP2 frame (does it?), then does that also mean this field has to be expressed in just one ALTSVC DNS RR ... and still rely on random/shuffle ordered return of the address >> record set from name resolution functions. >> > > At the stage of processing ALTSVC responses, we are talking about new > client logic, so the significance of ordering is up to us. The draft is a > bit hazy on this point, but we could add an explicit requirement that > clients shuffle the ALTSVC RRSET before processing it. Would that help? > Yes, I think many DNS protocol engineers would be happy with that outcome. If applications are no longer assuming RRset response order shuffling on the part of DNS servers, then we can could go back to the pure notion that RRsets are inherently unordered (eventually). In this sense, SRV is more >> flexible since it supports both priority and proportional load balancing. >> > > Yes, that's true. So far, no one has asked us for this kind of explicit > percentage load-balancing. However, because the format is extensible, we > can add it later as a new Alt-Svc parameter. > I guess this is a question worth discussing with the web community (or other application communities that might contemplate using ALTSVC). Thanks! Shumon.
- Re: [DNSOP] HTTP dns-alt-svc draft Shumon Huque
- Re: [DNSOP] HTTP dns-alt-svc draft Ben Schwartz
- Re: [DNSOP] HTTP dns-alt-svc draft Ben Schwartz
- Re: [DNSOP] HTTP dns-alt-svc draft Shumon Huque
- [DNSOP] HTTP dns-alt-svc draft Shumon Huque
- Re: [DNSOP] HTTP dns-alt-svc draft Shumon Huque