Re: [DNSOP] RFC 8482 (the ANY -> HINFO hack) and DNAME

Tony Finch <dot@dotat.at> Fri, 15 November 2019 13:26 UTC

Return-Path: <dot@dotat.at>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 036C512025D for <dnsop@ietfa.amsl.com>; Fri, 15 Nov 2019 05:26:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.198
X-Spam-Level:
X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4NW6akAmcfMz for <dnsop@ietfa.amsl.com>; Fri, 15 Nov 2019 05:26:44 -0800 (PST)
Received: from ppsw-43.csi.cam.ac.uk (ppsw-43.csi.cam.ac.uk [131.111.8.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3FA712085E for <dnsop@ietf.org>; Fri, 15 Nov 2019 05:26:43 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://help.uis.cam.ac.uk/email-scanner-virus
Received: from grey.csi.cam.ac.uk ([131.111.57.57]:35288) by ppsw-43.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.139]:25) with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) id 1iVbcW-001G9c-n4 (Exim 4.92.3) (return-path <dot@dotat.at>); Fri, 15 Nov 2019 13:26:40 +0000
Date: Fri, 15 Nov 2019 13:26:39 +0000
From: Tony Finch <dot@dotat.at>
To: Shane Kerr <shane@time-travellers.org>
cc: dnsop@ietf.org
In-Reply-To: <a8e99b8e-101e-7516-8af6-f8c1ffe436b8@time-travellers.org>
Message-ID: <alpine.DEB.2.20.1911151323320.10845@grey.csi.cam.ac.uk>
References: <a8e99b8e-101e-7516-8af6-f8c1ffe436b8@time-travellers.org>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/plCHq_a4MnIlr0aeL3sxHxAO9fU>
Subject: Re: [DNSOP] RFC 8482 (the ANY -> HINFO hack) and DNAME
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Nov 2019 13:26:46 -0000

Shane Kerr <shane@time-travellers.org> wrote:

> On the other hand, it seems unlikely that any resolver actually sends
> ANY queries to authoritative servers.

This happens when the resolver's cache doesn't have an entry for the name,
so the resolver sends the ANY query to the authoritative servers. It's
rare because ANY queries are rare, but it's easy to make it happen when
you want it to.

> We have chosen to perform CNAME synthesis for ANY queries that match a DNAME
> subtree, based on the logic that if CNAME is special when added by hand then
> it is probably also special when synthesized.

That's correct.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Lundy, Fastnet, Irish Sea: North 5 to 7, occasionally gale 8 at first, except
in Irish Sea. Moderate or rough, becoming slight in northern Irish Sea.
Showers. Good, occasionally moderate.