Re: [DNSOP] DNSOP Call for Adoption - draft-tale-dnsop-serve-stale
Mark Andrews <marka@isc.org> Fri, 08 September 2017 02:07 UTC
Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C257F133095 for <dnsop@ietfa.amsl.com>; Thu, 7 Sep 2017 19:07:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sVWUbRCqI_rK for <dnsop@ietfa.amsl.com>; Thu, 7 Sep 2017 19:07:15 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 964B1133093 for <dnsop@ietf.org>; Thu, 7 Sep 2017 19:07:15 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id 3BB9034AFA8 for <dnsop@ietf.org>; Fri, 8 Sep 2017 02:07:13 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id 25277160045 for <dnsop@ietf.org>; Fri, 8 Sep 2017 02:07:13 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 0FBFA160046 for <dnsop@ietf.org>; Fri, 8 Sep 2017 02:07:13 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id WK7xo2J6bRab for <dnsop@ietf.org>; Fri, 8 Sep 2017 02:07:12 +0000 (UTC)
Received: from rock.dv.isc.org (c27-253-115-14.carlnfd2.nsw.optusnet.com.au [27.253.115.14]) by zmx1.isc.org (Postfix) with ESMTPSA id B1E3E160045 for <dnsop@ietf.org>; Fri, 8 Sep 2017 02:07:12 +0000 (UTC)
Received: from rock.dv.isc.org (localhost [IPv6:::1]) by rock.dv.isc.org (Postfix) with ESMTP id 0170284A3195 for <dnsop@ietf.org>; Fri, 8 Sep 2017 12:07:09 +1000 (AEST)
To: dnsop@ietf.org
From: Mark Andrews <marka@isc.org>
References: <CADyWQ+FHDHcmq-mr0BCHS5A8yvaOQmhTjve1_DmZN6vAc=BKyA@mail.gmail.com> <20170907154234.3z2zbju2sciiy7wr@nic.fr> <ybltw0emmvh.fsf@wu.hardakers.net> <8295055.TIQDDEhZcU@localhost.localdomain> <20170907221241.GA1031@puck.nether.net>
In-reply-to: Your message of "Thu, 07 Sep 2017 18:12:41 -0400." <20170907221241.GA1031@puck.nether.net>
Date: Fri, 08 Sep 2017 12:07:09 +1000
Message-Id: <20170908020710.0170284A3195@rock.dv.isc.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/faRjxlEvhLhREaHzQtvx2K326ro>
Subject: Re: [DNSOP] DNSOP Call for Adoption - draft-tale-dnsop-serve-stale
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Sep 2017 02:07:17 -0000
Part of the problem is that we have one TTL value for both freshness and don't use beyond. This is fixable. It is possible to specify two timer values. It does require adding signaling between recursive servers and authoritative servers, on zone transfers and update requests. You basically add a additional timer field to every record immediately after the TTL field. This is only returned if the client has signalled support for the extended field, I suggest using the last DNS header bit for this as you can determine how you will parse the response base on whether the bit is set in the response or not. This field is used to expire records from the cache and its value is set to the TTL field if the server has learnt the record from server that doesn't support the extension. The existing TTL field is used for freshness checking. When a query comes in after that value has expired a freshness check is performed similar to the existing prefetches that happen today. A TTL of 1 is returned unless the original TTL was 0 in which case 0 is returned. New client - new recursive server - new authservers example.com. 300 86400 IN A 1.2.3.4 +300 seconds example.com. 1 86100 IN A 1.2.3.4 (background query is in process) Old client - new recursive server - new authservers example.com. 300 IN A 1.2.3.4 +300 seconds example.com. 1 IN A 1.2.3.4 (background query is in process) New client - new recusive server - old auth servers example.com. 300 300 IN A 1.2.3.4 +300 seconds (record has expired from cache, new query is performed) example.com. 300 300 IN A 1.2.3.4 For UPDATE a replacement opcode would be cleanest way to signal the new format is being used. NOTIMP should be returned by servers that don't support the new opcode. There will be a few broken servers that just echo back the new header bit. This way the authoritative servers still control how long records are stored for. Dead servers will get a little bit of traffic until the the refresh completes. If the authorative servers are under attack the clients still see a answer. The alternative is to perform the refresh query and if it fails to complete within X milliseconds return the cached data rather than returning the cached data and doing the refresh in the background. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- [DNSOP] DNSOP Call for Adoption - draft-tale-dnso… tjw ietf
- [DNSOP] 答复: DNSOP Call for Adoption - draft-tale-… Davey Song (宋林健)
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Jared Mauch
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Barry Raveendran Greene
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Vladimír Čunát
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Stephane Bortzmeyer
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Paul Vixie
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Wes Hardaker
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Joe Abley
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Paul Wouters
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Vladimír Čunát
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… 神明達哉
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Paul Vixie
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Paul Vixie
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… George Michaelson
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Jared Mauch
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Mark Andrews
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Stephane Bortzmeyer
- [DNSOP] 答复: DNSOP Call for Adoption - draft-tale-… Davey Song (宋林健)
- Re: [DNSOP] 答复: DNSOP Call for Adoption - draft-t… Vladimír Čunát
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Tony Finch
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Paul Wouters
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Tony Finch
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Robert Edmonds
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… 神明達哉
- Re: [DNSOP] 答复: DNSOP Call for Adoption - draft-t… Lanlan Pan
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Bob Harold
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… Marek Vavruša
- Re: [DNSOP] DNSOP Call for Adoption - draft-tale-… tjw ietf