Re: [DNSOP] partial glue is not enough, I-D Action: draft-ietf-dnsop-glue-is-not-optional-00.txt
John Levine <johnl@taugh.com> Thu, 02 July 2020 01:18 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A6A63A12CD for <dnsop@ietfa.amsl.com>; Wed, 1 Jul 2020 18:18:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.851
X-Spam-Level:
X-Spam-Status: No, score=-1.851 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=LdsbzYJT; dkim=pass (1536-bit key) header.d=taugh.com header.b=VoX50EME
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nGhY64MEE799 for <dnsop@ietfa.amsl.com>; Wed, 1 Jul 2020 18:18:18 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64D2D3A1213 for <dnsop@ietf.org>; Wed, 1 Jul 2020 18:18:18 -0700 (PDT)
Received: (qmail 91775 invoked from network); 2 Jul 2020 01:18:16 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=1667b.5efd35d8.k2007; bh=JHdcTRFpfKPnQZlwLeTo0tj5wAtN+OFgbF/Cz3p0xO8=; b=LdsbzYJT8eRIU1XvOrbWR42kl6yxnKAaOg2GBsnS8+QZwyvl2ywIPuQCno2XUgUTDjB7CrhdbCVEInpvn0KpInYcCcc5QALxEJzGOG4jDdhqEzG2Tdh13iwgF4LAH9OqGdYvmM6HsQVC8zvYcyb2MBGmJb2AkcyJkeTgPPDV59fubGasN27Zjl7iZzwqoGh9IK7odbeEYHp91Ur9w2cAMmJVqSCUYGoUiPVile5WgJh0ggGZdIblCZBMnGiXYBs0
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=1667b.5efd35d8.k2007; bh=JHdcTRFpfKPnQZlwLeTo0tj5wAtN+OFgbF/Cz3p0xO8=; b=VoX50EMEE55UKBA7hUBSLmv7W7Tsq1rVkbZkZQkYqgNdMx43UqY+XO7f+r4TjEyYNV3qNZk+JmnFq009kSuJ43jaIQX0MdSMFZIq8AYabPpVNLHxBR76tk5l8xhXx0MvnxarGA3SbMm1J6BcUfNfH+IVmQUg6CRJiJjxF+GYj8RC62bimsBp7t6banPQQQmzePN5LE8LYGrEmJPpDJrY2DwnYvk0UU4RvUV1BA/lHuLu6fUlrbJU+AKnA7yfJa2F
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTP via TCP6; 02 Jul 2020 01:18:16 -0000
Received: by ary.qy (Postfix, from userid 501) id D4B0D1C3CD10; Wed, 1 Jul 2020 21:18:16 -0400 (EDT)
Date: Wed, 01 Jul 2020 21:18:16 -0400
Message-Id: <20200702011816.D4B0D1C3CD10@ary.qy>
From: John Levine <johnl@taugh.com>
To: dnsop@ietf.org
Cc: paul@redbarn.org
In-Reply-To: <9056955.dJ39pTEj9z@linux-9daj>
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/hm3Wxtw243kE1xVbmDPCtKT2jlo>
Subject: Re: [DNSOP] partial glue is not enough, I-D Action: draft-ietf-dnsop-glue-is-not-optional-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jul 2020 01:18:21 -0000
In article <9056955.dJ39pTEj9z@linux-9daj> you write: >On Wednesday, 1 July 2020 09:41:49 UTC Jan Včelák wrote: >> We just opened this discussion internally at NS1 because we serve some >> zones with more than 10 NS records where each NS requires glue and our >> proprietary server by design adds glue only for the first four NS >> records. We are discussing if this is correct behavior if it needs to >> be revisited. > >i think if you're using round robin or random selection, a subset is fine. if >we had to codify this practice, i'd ask that at least two address records of >each available kind be included (so, two AAAA's, two A's) or else set TC=1. I really don't like this. If you do that, you're going to have failures when there are working servers but none of their addresses happen to be in the glue subset in the response, and without TC=1 there's no hint that there's more glue if you retry. If a response with TC=1 has at least one record in the additional section, that tells the client that the missing records are all glue. So I think it would be OK in that case for the client to use what it's got, but remember that if it can't contact any of the NS with the A/AAAA it's got, it can go back and get the rest. Remember, if it's glue, there's no other way to get it. If it's worth returning glue at all, it's worth providing all of it. R's, John
- [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-not-… internet-drafts
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Peter van Dijk
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Paul Vixie
- Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-gl… Paul Hoffman
- Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-gl… Wessels, Duane
- Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-gl… John Levine
- Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-gl… Wessels, Duane
- Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-gl… John R Levine
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Jan Včelák
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Paul Vixie
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-… Jan Včelák
- Re: [DNSOP] partial glue is not enough, I-D Actio… John Levine
- Re: [DNSOP] partial glue is not enough, I-D Actio… Mark Andrews
- Re: [DNSOP] partial glue is not enough, I-D Actio… Paul Vixie
- Re: [DNSOP] partial glue is not enough, I-D Actio… Paul Vixie
- Re: [DNSOP] partial glue is not enough, I-D Actio… John R Levine
- Re: [DNSOP] partial glue is not enough, I-D Actio… Paul Vixie
- Re: [DNSOP] partial glue is not enough, I-D Actio… Mukund Sivaraman
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Paul Hoffman
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Brian Dickson
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Shane Kerr
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Masataka Ohta
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… John Levine
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Brian Dickson
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… John R Levine
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Brian Dickson
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… John R Levine
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Mukund Sivaraman
- Re: [DNSOP] partial glue is not enough, I-D Actio… Paul Vixie
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Paul Hoffman
- Re: [DNSOP] partial glue is not enough, I-D Actio… Havard Eidnes
- Re: [DNSOP] partial glue is not enough, I-D Actio… Joe Abley
- Re: [DNSOP] partial glue is not enough, I-D Actio… Havard Eidnes
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Masataka Ohta
- Re: [DNSOP] partial glue is not enough, I-D Actio… Paul Vixie
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… John Levine
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Mark Andrews
- Re: [DNSOP] [Ext] partial glue is not enough, I-D… Masataka Ohta
- Re: [DNSOP] draft-ietf-dnsop-respsize, was partia… John Levine
- Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-gl… Brian Dickson
- Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-gl… Peter van Dijk