IETF Logo Mail Archive

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

abby pan <abbypan@gmail.com> Thu, 18 August 2016 01:48 UTC

Return-Path: <abbypan@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42CBE12D831 for <dnsop@ietfa.amsl.com>; Wed, 17 Aug 2016 18:48:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CiTM6OTAyZQ4 for <dnsop@ietfa.amsl.com>; Wed, 17 Aug 2016 18:48:46 -0700 (PDT)
Received: from mail-ua0-x22f.google.com (mail-ua0-x22f.google.com [IPv6:2607:f8b0:400c:c08::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1057212D191 for <dnsop@ietf.org>; Wed, 17 Aug 2016 18:48:46 -0700 (PDT)
Received: by mail-ua0-x22f.google.com with SMTP id 74so7912793uau.0 for <dnsop@ietf.org>; Wed, 17 Aug 2016 18:48:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=DxKU552k18WwKZ5EQq66VIjJIUB0zIW7AAmwxVxft9w=; b=h5FckGZKholnYeeclX2MdwBlvWEartDv32N6/14jHMTPcQHVvt4aQYAeOftylBPhcL iqnFwvKdsdObXnJJBXenNxXMewIxo/V7CUtqFZlC5D9srbpDTFctKk+GAceVSVlX9/BE I33r6TpOk10Z5nmq1N+9E/aDpL3wi/grVgIg/jZRCEdoOmPUwlb1q2dP9OOrYyLfXnIE WdA2CGHCLDThUa+CRYkvY5iRSZIX12w1dNavrJx9E7UU3vxrszhOT8BCkeFUnLDjZSBK lcHb+YinpMK5QcRyR5YclRolvo0pXM1cJ03Hqy5HFFYkWogWkvQETFOGgRCVHAgtTnS+ GK/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=DxKU552k18WwKZ5EQq66VIjJIUB0zIW7AAmwxVxft9w=; b=UdoZ2TfJz+Ii1L5EYUMYs3KmcdzeoK9RFMIsRLNl2DRWsmn1mC30emnirAhafbYG2x otcTomyQiRqJHy5LiSgYIT3QzwMSLlekc80KQMRNp1BBBDrmAcHpB8YK6d6MzN9LHOeM asIPtdXiInImD57v4WnwbSSpsbij+o5Wy2f3ELN5gnI+fzlGuWcPh55CagdwXEZXdhJF hr8yBWPPe7WEvWskJ74gFAmIOHeO5yIwSfcvOsMKLU/G4wL/tZZAXT2KL4gQcpdValuQ nTER7fMTAqC2QBHQzAgXAZOqsD3MpHAWFwHgGPy2AsHc9WeUR5V2XBqWpMyd7saFW+VO NrAw==
X-Gm-Message-State: AEkoouvbWRgcfy590tbcqVz+1YCZQmDAsDzpS0NtlWLj13AOWyEqW+p16kVK9WJMCzzxX9iqHk8yzmKZVn96Qw==
X-Received: by 10.31.124.70 with SMTP id x67mr7597647vkc.148.1471484925222; Wed, 17 Aug 2016 18:48:45 -0700 (PDT)
MIME-Version: 1.0
References: <665d8bd3-4229-eb98-1688-2460dcb943b6@gmail.com> <CAKr6gn22oyjU3PKzU=5tWuRwLi8nm-WZJ2DSFJi8yDnqwY-fpQ@mail.gmail.com> <CACfw2hiKqa11KGuwWJgVf+xrm+QtU2AhDU0hQJybxNao5NkX4g@mail.gmail.com>
In-Reply-To: <CACfw2hiKqa11KGuwWJgVf+xrm+QtU2AhDU0hQJybxNao5NkX4g@mail.gmail.com>
From: abby pan <abbypan@gmail.com>
Date: Thu, 18 Aug 2016 01:48:34 +0000
Message-ID: <CANLjSvXB7Rhp3D=m5EauGiBrV2zKRFZw2CiGByyFCxL9ky=XYg@mail.gmail.com>
To: william manning <chinese.apricot@gmail.com>, George Michaelson <ggm@algebras.org>
Content-Type: multipart/alternative; boundary="94eb2c14c7f242a49f053a4ec82c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/iLxTbvgud2dssPIBW3LeBf0vuCc>
Cc: Tim Wicinski <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] The Larger Discussion on Differences in Response Drafts
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2016 01:48:48 -0000

Status Quo  is good for ipv4 to ipv6 migration.

Totally agree with william on PUSH/PULL.

1. Hotest internet service's RDATA always exists in recursive dns cache,
PUSH is not speed up much except hit-miss. ( recursive -> authority )

2. clients known what they want, PULL & prefething is Ockham's Razor. (
stub -> recursive )

Imagine that  if someone visits  serv-a.xxx.com and  serv-b.xxx.com.
If serv-a.xxx.com has the same associate PUSH RRDATA with serv-b.xxx.com,
for example css.xxx.com, image.xxx.com, js.xxx.com, etc.
Dumplicate response and increase the DDoS risk (abuse use).


william manning <chinese.apricot@gmail.com>于2016年8月17日周三 下午6:59写道:

> from an attacker POV, I would strongly support PUSH, as it would increase
> DDoS effectiveness. The performance enhancement seems to be based on some
> presumptions about servers retaining residual knowledge of the resolver
> behaviours.
> PULL minimizes the attack surface.  wrt cache coherence and delay, I think
> the resolver is closer to the APPs using the data and so may be in a batter
> place to understand what is and will be needed.  Those needs can be met
> with prefetching/caching, which mitigate the RTT/delay issues.
> Status Quo - if it was good enough for Phil Almquist, it's good enough for
> me! :)
>
> /Wm
>
> On Tue, Aug 16, 2016 at 3:32 PM, George Michaelson <ggm@algebras.org>
> wrote:
>
>> On Tue, Aug 16, 2016 at 10:57 PM, Tim Wicinski <tjw.ietf@gmail.com>
>> wrote:
>>
>> > All of these documents are attempting to solve a larger problem in
>> different
>> > ways. The end result is "Return Associated Answer" to the client.
>> >
>> > The question is starting to coalesce around these two premises:
>> >
>> > - Do we want to Server to PUSH any or all Associated Answers, or
>>
>> This option reduces effective RTT delay. It has the most performace
>> improvement in DNS delay reduction, assuming the extra payload is
>> determined to be needed eg flags, or heuristical analysis of client
>> behaviour.
>>
>> Its cost is additional data on the server->client path. Personally, I
>> think this is the best option and the one most likely to increase
>> cache coherence, timeliness, and reduce delay in the DNS phase.
>>
>> >
>> > - Do we want the Client to PULL any or all Associated Answers, or
>>
>> This minimizes traffic. Otherwise, it maximises delay if subsequent
>> query is needed. I would suggest that a client option or flag to
>> request this behaviour is plausible if PUSH is the norm.
>>
>> >
>> > - Do we want the Status Quo?
>>
>> This seems the safest option and the most inherently boring, and
>> pointless. Why are we here if we think the best bet is the status quo?
>> Down down, deeper and down...
>>
>> -G
>> >
>>
>> _______________________________________________
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop
>>
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>
-- 

Best Regards

Pan Lanlan

+86 186 9834 2356

v2.23.0 | Report a Bug | By Email