Re: [DNSOP] Why no more meta-queries? (Was: More work for DNSOP :-)

Shumon Huque <shuque@gmail.com> Mon, 09 March 2015 18:55 UTC

Return-Path: <shuque@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EE751A8937 for <dnsop@ietfa.amsl.com>; Mon, 9 Mar 2015 11:55:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VQvLRK__7QfF for <dnsop@ietfa.amsl.com>; Mon, 9 Mar 2015 11:55:55 -0700 (PDT)
Received: from mail-qg0-x235.google.com (mail-qg0-x235.google.com [IPv6:2607:f8b0:400d:c04::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54DE21A9087 for <dnsop@ietf.org>; Mon, 9 Mar 2015 11:55:54 -0700 (PDT)
Received: by qgaj5 with SMTP id j5so30918755qga.12 for <dnsop@ietf.org>; Mon, 09 Mar 2015 11:55:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=Q2g7lN1h2IqdHSR1wQ5r8zwdyVItTeU54dk8sz1qLP8=; b=y6AEFRWUcbj94DMK7rJCPq6sim7EcGbMZ98u8mcFreh0pDPhPa80xO5aCS7eTZSfBo 3J0plfpA2MHCvyxM3dYyx7xrVDkN+Zs5MHXvigjMIV3eOZcLf3A2J4rY3ofTCChIn/Au IeP4PT2HxPMDhVDVH8H3I4JQEYrTm9QObN7T5MuP/KdZSTOf23YtoFLh9UNLV30W7jWr u/LQzgtoAhpGVwtCr1CiaGr4BHfRdTraqqAYtJxeE5XFa1haSS7L/knh5pzX2QAMqPm+ Y8pWbPZz3buOfH/gclPo74QA28ZacOMQYFKqGabLz57EjirQ6Kf755LBmP20Rwx652l/ 4TLg==
MIME-Version: 1.0
X-Received: by 10.55.21.66 with SMTP id f63mr28932183qkh.102.1425927353689; Mon, 09 Mar 2015 11:55:53 -0700 (PDT)
Received: by 10.140.94.105 with HTTP; Mon, 9 Mar 2015 11:55:53 -0700 (PDT)
In-Reply-To: <20150309184507.GA7524@mycre.ws>
References: <20150306145217.GA8959@nic.fr> <54F9C29E.9040408@jive.com> <54F9F90D.1020806@redbarn.org> <54F9FCD3.7010204@jive.com> <54F9FDFA.2030405@redbarn.org> <F25411A6-2CBD-4A76-949C-6E236FA87863@isoc.org> <20150306205920.GA17567@isc.org> <20150309142844.GA11602@nic.fr> <C1F43BD2-126F-4C1D-B084-A4B3A1F98ECD@nominet.org.uk> <CAHPuVdUyQWnRkvRhukHyCzZspUbj9iREyXSLmXTwmOy1m8DBTQ@mail.gmail.com> <20150309184507.GA7524@mycre.ws>
Date: Mon, 9 Mar 2015 14:55:53 -0400
Message-ID: <CAHPuVdXt2qFre9d8pW6KD9etbyFfAMgnycT_k4J9yNxCvoE_sw@mail.gmail.com>
From: Shumon Huque <shuque@gmail.com>
To: Robert Edmonds <edmonds@mycre.ws>
Content-Type: multipart/alternative; boundary=001a1147ecd8646e620510df95be
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/u1SGLtzFuSb1BwfiZ8d5Y7loSZg>
Cc: dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Why no more meta-queries? (Was: More work for DNSOP :-)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: shuque@gmail.com
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2015 18:55:57 -0000

On Mon, Mar 9, 2015 at 2:45 PM, Robert Edmonds <edmonds@mycre.ws> wrote:

> Shumon Huque wrote:
> > PS. regarding Paul Vixie's recent suggestion of adding an AAAA or A
> record
> > set in the additional section for a corresponding A or AAAA query, I just
> > learned today that Unbound already does this. Not sure if there are any
> DNS
> > client APIs that can successfully make use of this info yet.
>
> Hi, Shumon:
>
> Do you mean that Unbound will accept such answers from servers, or that
> it will send such answers to clients, or both?
>

This was from a transcript of a 'dig' session to an unbound resolver - so
this is unbound sending responses back to clients. I'm not sure if it
accepts such answers from queries to authority servers, nor do I know if
there are any authority servers that return such responses.


> I just tried querying an Unbound 1.5.2 server for a cached, signed pair
> of A/AAAA records and I don't believe Unbound sends such answers to
> clients, at least not by default.
>

Hmm, let me double check the details of the configuration and get back to
you. From the discussion with the colleagues that are running this server,
it sounded like it was the default, but perhaps some configuration knob
needs to be tweaked.

Shumon Huque.