Re: [DNSOP] Robert Wilton's Discuss on draft-ietf-dnsop-avoid-fragmentation-16: (with DISCUSS)

"Rob Wilton (rwilton)" <rwilton@cisco.com> Mon, 29 January 2024 10:49 UTC

From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: "draft-ietf-dnsop-avoid-fragmentation@ietf.org" <draft-ietf-dnsop-avoid-fragmentation@ietf.org>
CC: "dnsop@ietf.org" <dnsop@ietf.org>, "benno@NLnetLabs.nl" <benno@NLnetLabs.nl>, "swoolf@pir.org" <swoolf@pir.org>, "tjw.ietf@gmail.com" <tjw.ietf@gmail.com>, The IESG <iesg@ietf.org>, Mahesh Jethanandani <mjethanandani@gmail.com>, "dnsop-chairs@ietf.org" <dnsop-chairs@ietf.org>, Warren Kumari <warren@kumari.net>
Date: Mon, 29 Jan 2024 10:48:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/r5ihTHbnGJHhsCBIQIT-ii1JOMI>

Hi Authors,

Just a note/reminder that I am stepping down as an AD in March.  I don’t think that I’ve seen any reply to my DISCUSS comments (perhaps the authors and/or WG are still discussing the resolution), but if you are able to speed this up at all so that I can clear my discuss before I step down that would be preferable.  Actually, if you manage to clear all the DISCUSSes on this doc before March, so that Warren can approve it before the new IESG is seated, that would probably make both yours and Warren’s lives slightly easier at the transition.

Regards,
Rob


From: DNSOP <dnsop-bounces@ietf.org> on behalf of Robert Wilton via Datatracker <noreply@ietf.org>
Date: Tuesday, 2 January 2024 at 15:41
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-dnsop-avoid-fragmentation@ietf.org <draft-ietf-dnsop-avoid-fragmentation@ietf.org>, dnsop-chairs@ietf.org <dnsop-chairs@ietf.org>, dnsop@ietf.org <dnsop@ietf.org>, benno@NLnetLabs.nl <benno@NLnetLabs.nl>, swoolf@pir.org <swoolf@pir.org>, tjw.ietf@gmail.com <tjw.ietf@gmail.com>, tjw.ietf@gmail.com <tjw.ietf@gmail.com>
Subject: [DNSOP] Robert Wilton's Discuss on draft-ietf-dnsop-avoid-fragmentation-16: (with DISCUSS)

Robert Wilton has entered the following ballot position for
draft-ietf-dnsop-avoid-fragmentation-16: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-avoid-fragmentation/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Hi,

Thanks for this document.

I'm echoing Paul's and the SECDIR review comments here on the use of MAY in
recommendations (since everywhere you see MAY it is equally valid for an
interpretation to treat it as "MAY NOT"), but I think that this makes the
document, as a proposed BCP, unclear enough that I'm raising this to the level
of a DISCUSS.

(1) p 3, sec 3.1.  Recommendations for UDP responders

   At the time of writing, most DNS server software did not set the DF
   bit for IPv4, and many OS kernel constraints make it difficult to set
   the DF bit in all cases.  Best Current Practice documents should not
   specify what is currently impossible, so R2, which is setting the DF
   bit, is "MAY" rather than "SHOULD".

I think that this recommendation, particularly because it is using RFC 2119
language, is unclear.  I would suggest rephrasing this to something like:

   R2.  Where supported, UDP responders SHOULD set IP "Don't Fragment
   flag (DF) bit" [RFC0791] on IPv4.

(2) p 3, sec 3.2.  Recommendations for UDP requestors

   R6.  UDP requestors SHOULD limit the requestor's maximum UDP payload
   size to the RECOMMENDED size of 1400 or a smaller size.

I find this recommendation to be unclear because it mixes both a "SHOULD" and
"RECOMMENDED", i.e., I find it unclear as to what the "SHOULD" applies to.  Is
the recommendation (i) that UDP requestors should limit the maximum UDP
payload.  Or (ii) is the recommendation that a limit of 1400 be used, or (iii)
perhaps both.  Maybe rewording this to something like the following would help:

   R6.  UDP requestors SHOULD limit the requestor's maximum UDP payload
   size to 1400 bytes, but MAY limit the maximum UDP payload size to a
   smaller size on small MTU (less than 1500 bytes) networks.

   or,

   R6.  UDP requestors SHOULD limit the requestor's maximum UDP payload
   size.  It is RECOMMENDED to use a limit of 1400 bytes, but a smaller
   limit MAY be used.

(3) p 3, sec 3.2.  Recommendations for UDP requestors

   R7.  UDP requestors MAY drop fragmented DNS/UDP responses without IP
   reassembly to avoid cache poisoning attacks.

As written, I don't think that this is really a recommendation.  Either it is
just a statement or fact (in which case it is not a recommendation), or it
should be upgraded to a SHOULD.

(4) p 4, sec 3.2.  Recommendations for UDP requestors

   R7.  UDP requestors MAY drop fragmented DNS/UDP responses without IP
   reassembly to avoid cache poisoning attacks.
   R8.  DNS responses may be dropped by IP fragmentation.  Upon a
   timeout, to avoid resolution failures, UDP requestors MAY retry using
   TCP or UDP with a smaller EDNS requestor's maximum UDP payload size
   per local policy.

Again, I think that this document would be clearer if this was a SHOULD rather
than a MAY.

Regards,
Rob
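
The requestor-side behaviour that R6 and R8 describe, plus the "where supported" DF setting from the suggested R2 wording, as an added example that is not part of the original message or of the draft. The function names, the 1232-byte fallback size (standing in for "local policy") and the Linux-only socket option values are assumptions.

```python
import socket
import struct
import sys

EDNS_SIZE = 1400   # R6: requestor's maximum UDP payload size
FALLBACK = 1232    # assumption: smaller size chosen by local policy for R8
# Linux values from <linux/in.h>, used when the socket module lacks the names
IP_MTU_DISCOVER = getattr(socket, "IP_MTU_DISCOVER", 10)
IP_PMTUDISC_DO = getattr(socket, "IP_PMTUDISC_DO", 2)

def build_query(qname, qtype=1, msg_id=0x1234, payload=EDNS_SIZE):
    """DNS query carrying an EDNS0 OPT RR that advertises `payload` bytes."""
    header = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, 1)  # RD set, ARCOUNT=1
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in qname.rstrip(".").split("."))
    question = labels + b"\x00" + struct.pack("!HH", qtype, 1)
    # OPT RR: root name, TYPE 41, CLASS = payload size, TTL 0, RDLEN 0
    opt = b"\x00" + struct.pack("!HHIH", 41, payload, 0, 0)
    return header + question + opt

def advertised_size(query):
    """Return the payload size in the OPT RR of a query from build_query."""
    pos = 12                       # skip the fixed header
    while query[pos]:              # walk the QNAME labels
        pos += 1 + query[pos]
    pos += 1 + 4                   # QNAME terminator, QTYPE, QCLASS
    rtype, size = struct.unpack_from("!HH", query, pos + 1)  # after root name
    if rtype != 41:
        raise ValueError("no OPT RR after the question")
    return size

def set_df(sock):
    """R2 'where supported': have Linux set DF on this IPv4 socket."""
    if not sys.platform.startswith("linux"):
        return False               # other platforms: report unsupported
    try:
        sock.setsockopt(socket.IPPROTO_IP, IP_MTU_DISCOVER, IP_PMTUDISC_DO)
        return True
    except OSError:
        return False

def next_attempt(transport, payload):
    """R8: after a timeout, retry UDP with a smaller size, then TCP."""
    if transport == "udp" and payload > FALLBACK:
        return ("udp", FALLBACK)
    return ("tcp", None) if transport == "udp" else None
```

`set_df` returns False rather than raising when the option is unavailable, which is the behaviour the "Where supported ... SHOULD" wording permits.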




