Re: [DNSOP] Fwd: New Version Notification for draft-sury-deprecate-obsolete-resource-records-00.txt

Jared Mauch <jared@puck.Nether.net> Sat, 24 March 2018 12:50 UTC

On Fri, Mar 23, 2018 at 06:32:07PM +0000, Ondřej Surý wrote:
> What’s so wrong of using TYPExxx for these if you absolutely need them to run the ancient technology while at the same time running the latest version of BIND (or your favorite DNS server)?
> 
> Your argument feels like strawman to me. And I am not the one sitting on a pile of passive DNS data, so I can’t pull the numbers...
> 
> We are not taking the ability to put random TYPEnnn records into the zone, we are just saying the tools just won’t understand them anymore. Again nothing is going to break on the day one.

	Ondrej,

	I think the issue here is just because it's not commonly seen on the
public internet, doesn't mean it's not used.  We don't use DHCP to configure
p2p links on routers, this doesn't mean that DHCP can go away, it's used
elsewhere.

	I think what Paul is trying to point out is the same thing, some
enterprises may still be using it internally.  Just because we
don't use the RR type in isc.org, nether.net, akamai.com doesn't mean
nobody is using it for their internal networks.  We should attempt to
determine who may be using it.  This can be done by logging or a survey
of folks doing slave zones, etc.

	isc/bind can and perhaps should implement logging for these
rrtypes that say they may be going away so folks can see the impact.

	ISC/bind also have a history of doing this with the warn & fail
directives in the named.conf file, which would be a great way to expose
these types of items.  check-old-rrtype (warn|fail|ignore) or something
similar would be useful to an actual operator.

	Here's some data on rrtypes seen in my nameserver.

	- Jared

server0.queries=109159256
server1.queries=100199925
num.queries=209359181
num.type.TYPE0=27
num.type.A=98905962
num.type.NS=3428038
num.type.MD=0
num.type.MF=0
num.type.CNAME=949771
num.type.SOA=807788
num.type.MB=0
num.type.MG=0
num.type.MR=0
num.type.NULL=28
num.type.WKS=0
num.type.PTR=8847792
num.type.HINFO=1178
num.type.MINFO=0
num.type.MX=4110956
num.type.TXT=1164968
num.type.RP=0
num.type.AFSDB=2018
num.type.X25=0
num.type.ISDN=0
num.type.RT=0
num.type.NSAP=0
num.type.SIG=0
num.type.KEY=0
num.type.PX=0
num.type.AAAA=64526576
num.type.LOC=2288
num.type.NXT=780
num.type.TYPE31=108
num.type.SRV=2194823
num.type.NAPTR=18707
num.type.KX=0
num.type.CERT=6
num.type.TYPE38=238830
num.type.DNAME=9
num.type.OPT=0
num.type.APL=0
num.type.DS=177999
num.type.SSHFP=4846
num.type.IPSECKEY=0
num.type.RRSIG=20178
num.type.NSEC=281
num.type.DNSKEY=2261055
num.type.DHCID=0
num.type.NSEC3=0
num.type.NSEC3PARAM=2596
num.type.TLSA=22176
num.type.TYPE53=8
num.type.CDS=2267
num.type.CDNSKEY=2027
num.type.OPENPGPKEY=0
num.type.CSYNC=0
num.type.TYPE65=2
num.type.TYPE92=9
num.type.SPF=109981
num.type.NID=0
num.type.L32=0
num.type.L64=0
num.type.LP=0
num.type.EUI48=0
num.type.EUI64=0
num.type.TYPE127=5
num.type.TYPE143=1
num.type.TYPE165=1
num.type.TYPE191=335
num.type.TYPE222=3
num.type.TYPE223=27
num.type.TYPE239=29
num.type.TYPE240=2
num.type.TYPE243=2
num.type.TYPE246=1
num.type.TYPE247=41
num.type.TYPE251=26458
num.type.TYPE252=3312
num.type.TYPE253=42
num.type.TYPE254=29
num.type.TYPE255=21357118
num.opcode.QUERY=209248548
num.opcode.NOTIFY=80330
num.class.IN=209324746
num.class.CH=4132
num.rcode.NOERROR=138257521
num.rcode.FORMERR=417
num.rcode.SERVFAIL=132820
num.rcode.NXDOMAIN=25011450
num.rcode.NOTIMP=56046
num.rcode.REFUSED=36625841
num.rcode.YXDOMAIN=0
num.rcode.NOTAUTH=4
num.edns=189357953
num.ednserr=307
num.udp=171926848
num.udp6=28159814
num.tcp=9107734
num.tcp6=164785
num.answer_wo_aa=703271
num.rxerr=0
num.txerr=6
num.raxfr=54
num.truncated=12595885
num.dropped=2592
zone.master=70
zone.slave=9350


-- 
Jared Mauch  | pgp key available via finger from jared@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.
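
Added example (not part of the original message, and not ISC or BIND code): a way to read counters in the `num.type.NAME=N` format posted above and list the watched RR types that still receive queries, folding `TYPEnnn` keys into their IANA mnemonics. The watch list is an assumption chosen for illustration, not the list from the draft, and the counters measure queries received, not records present in zones.

```python
import re
# IANA mnemonics for numeric codes that the counters print as TYPEnnn.
IANA_NAMES = {31: "EID", 32: "NIMLOC", 38: "A6", 251: "IXFR", 252: "AXFR",
              253: "MAILB", 254: "MAILA", 255: "ANY"}

# Assumption: an illustrative watch list, not the list from the draft.
WATCH = {"MD", "MF", "MB", "MG", "MR", "NULL", "WKS", "HINFO", "MINFO", "X25",
         "ISDN", "RT", "NSAP", "PX", "EID", "NIMLOC", "A6", "MAILB", "MAILA"}
LINE = re.compile(r"^num\.type\.([A-Za-z0-9-]+)=(\d+)$")

# Excerpt of the counters posted in the message above.
SAMPLE = """\
num.queries=209359181
num.type.A=98905962
num.type.MD=0
num.type.NULL=28
num.type.HINFO=1178
num.type.TYPE31=108
num.type.TYPE38=238830
num.type.TYPE253=42
num.type.TYPE254=29
"""

def parse_type_counts(text):
    """Return {mnemonic: count}, folding TYPEnnn keys into IANA names."""
    counts = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # other counters (num.rcode.*, zone.*, ...) are skipped
        name, value = m.group(1).upper(), int(m.group(2))
        num = re.fullmatch(r"TYPE(\d+)", name)
        if num:  # unknown numeric codes keep their TYPEnnn spelling
            name = IANA_NAMES.get(int(num.group(1)), name)
        counts[name] = counts.get(name, 0) + value
    return counts

def watched_in_use(text, watch=WATCH):
    """Non-zero watched types as (name, count, share of num.queries)."""
    found = re.search(r"^num\.queries=(\d+)$", text, re.M)
    total = int(found.group(1)) if found else 0
    counts = parse_type_counts(text)
    hits = [(n, c, c / total if total else 0.0)
            for n, c in counts.items() if n in watch and c > 0]
    return sorted(hits, key=lambda h: -h[1])

if __name__ == "__main__":
    print(watched_in_use(SAMPLE))
```

On this excerpt the non-zero watched types are A6, HINFO, EID, MAILB, MAILA and NULL, most of which appear in the raw counters only as `TYPEnnn`.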