Re: [DNSOP] Last Call: <draft-ietf-dnsop-5966bis-04.txt> (DNS Transport over TCP - Implementation Requirements) to Internet Standard

Mukund Sivaraman <muks@isc.org> Mon, 23 November 2015 16:07 UTC

Return-Path: <muks@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A3401A896A for <dnsop@ietfa.amsl.com>; Mon, 23 Nov 2015 08:07:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BDcTQcRFLPg3 for <dnsop@ietfa.amsl.com>; Mon, 23 Nov 2015 08:07:56 -0800 (PST)
Received: from mail.banu.com (mail.banu.com [46.4.129.225]) by ietfa.amsl.com (Postfix) with ESMTP id F41131A8966 for <dnsop@ietf.org>; Mon, 23 Nov 2015 08:07:55 -0800 (PST)
Received: from jurassic.l0.malgudi.org (unknown [182.156.71.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.banu.com (Postfix) with ESMTPSA id E7A582BA0E28; Mon, 23 Nov 2015 16:07:52 +0000 (GMT)
Date: Mon, 23 Nov 2015 21:37:48 +0530
From: Mukund Sivaraman <muks@isc.org>
To: dnsop@ietf.org
Message-ID: <20151123160748.GA3031@jurassic.l0.malgudi.org>
References: <20151123135808.2730.32721.idtracker@ietfa.amsl.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="tKW2IUtsqtDRztdT"
Content-Disposition: inline
In-Reply-To: <20151123135808.2730.32721.idtracker@ietfa.amsl.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/lZqvK8rlOKVwSV3PkPcoRvSZfnk>
Subject: Re: [DNSOP] Last Call: <draft-ietf-dnsop-5966bis-04.txt> (DNS Transport over TCP - Implementation Requirements) to Internet Standard
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Nov 2015 16:07:58 -0000

Hi all

[sending this to only dnsop@ for our discussion]

On Mon, Nov 23, 2015 at 05:58:08AM -0800, The IESG wrote:
> 
> The IESG has received a request from the Domain Name System Operations WG
> (dnsop) to consider the following document:
> - 'DNS Transport over TCP - Implementation Requirements'
>   <draft-ietf-dnsop-5966bis-04.txt> as Internet Standard
> 
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2015-12-07. Exceptionally, comments may be
> sent to iesg@ietf.org instead. In either case, please retain the
> beginning of the Subject line to allow automated sorting.
> 
> Abstract
> 
> 
>    This document specifies the requirement for support of TCP as a
>    transport protocol for DNS implementations and provides guidelines
>    towards DNS-over-TCP performance on par with that of DNS-over-UDP.
>    This document obsoletes RFC5966.

While looking at a bug last week in an implementation of 5966bis and
AXFR, I found that there's no explicit mention of AXFR and out-of-order
replies. AXFR replies [RFC 5936] can arrive in several messages over
TCP. While 5966bis speaks only about re-ordering replies and not
individiual messages (and so, is not incorrect), I feel that explicitly
describing ordering in the AXFR case would avoid confusion.

It seems that AXFR messages would have to be sent in order to avoid
confusion at the client about when a transfer correctly completed
vs. when it timed out. While they can be multiplexed with other DNS
messages, the individual messages of a single transfer must not be sent
out of order.

Similarly, describe IXFR too.

		Mukund