IETF Logo Mail Archive

Re: [DNSOP] Martin Duke's Discuss on draft-ietf-dnsop-avoid-fragmentation-16: (with DISCUSS and COMMENT)

Kazunori Fujiwara <fujiwara@jprs.co.jp> Fri, 01 March 2024 05:25 UTC

Return-Path: <fujiwara@jprs.co.jp>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BECB8C14F6A8; Thu, 29 Feb 2024 21:25:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jprs.co.jp
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KzWkZCiwB5sy; Thu, 29 Feb 2024 21:25:14 -0800 (PST)
Received: from off-send41.tyo.jprs.co.jp (off-send41.tyo.jprs.co.jp [IPv6:2001:df0:8:17::50]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3394C14F6A6; Thu, 29 Feb 2024 21:25:11 -0800 (PST)
Received: from off-sendsmg31.osa.jprs.co.jp (off-sendsmg31.osa.jprs.co.jp [172.23.8.161]) by off-send41.tyo.jprs.co.jp (Postfix) with ESMTP id 49684407E19; Fri, 1 Mar 2024 14:25:09 +0900 (JST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jprs.co.jp; s=373623; t=1709270709; bh=JVeiMgCYfr5ri8SxzbF56AWSavW3U7AiMOa0R3tNXv0=; h=Date:To:Cc:Subject:From:In-Reply-To:References; b=dw3cWZhxI3VUuC5u47DwL0Z2R6TZzksYeSmFBvCXr3CgAdrP+mSMOzYz7hWiwm4iu jRptoJF3KEbfj+8aNxRauu+2FRw0wKyXBpDNne2Kkz4fiA9uHRraRorK9VVA5s3GaF yTlgM6sFGSmmvLLuy5//6S8qoIARk+raiT3rS4jFsiKP9f+ErO3z3C0ATg3u1Yok91 r5lVyty6ethMPaq70ccc8kDXLrEINbvEh+gJTDTiXXKjLcDCgVhJBGMPxaDCeoG9xA 367VbZjT2yS7X9G1WN+wpfKJF+1WRrrND54nwAjmHlXajmNQRdN/Aa3an3b5LpvkWO MDoVJPtht1JuQ==
Received: from off-sendsmg31.osa.jprs.co.jp (localhost [127.0.0.1]) by postfix.imss91 (Postfix) with ESMTP id 4AABB6023B6D; Fri, 1 Mar 2024 14:25:08 +0900 (JST)
Received: from localhost (off-cpu08.osa.jprs.co.jp [172.23.4.18]) by off-sendsmg31.osa.jprs.co.jp (Postfix) with ESMTP id 3EC786023901; Fri, 1 Mar 2024 14:25:08 +0900 (JST)
Date: Fri, 01 Mar 2024 14:25:08 +0900
Message-Id: <20240301.142508.1794953986459211842.fujiwara@jprs.co.jp>
To: martin.h.duke@gmail.com
Cc: iesg@ietf.org, draft-ietf-dnsop-avoid-fragmentation@ietf.org, dnsop-chairs@ietf.org, dnsop@ietf.org, benno@NLnetLabs.nl, swoolf@pir.org, tjw.ietf@gmail.com
From: Kazunori Fujiwara <fujiwara@jprs.co.jp>
In-Reply-To: <170422464991.2095.8106947965519322565@ietfa.amsl.com>
References: <170422464991.2095.8106947965519322565@ietfa.amsl.com>
X-Mailer: Mew version 6.8 on Emacs 24.5.1
Mime-Version: 1.0
Content-Type: Text/Plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-TM-AS-GCONF: 00
X-TM-AS-Product-Ver: IMSS-9.1.0.1373-9.0.0.1002-28224.005
X-TM-AS-Result: No--18.010-5.0-31-10
X-imss-scan-details: No--18.010-5.0-31-10
X-TMASE-Version: IMSS-9.1.0.1373-9.0.1002-28224.005
X-TMASE-Result: 10--18.009900-10.000000
X-TMASE-MatchedRID: Ao3ZyaJ3lUtCXIGdsOwlUu5i6weAmSDKZggZX8gYmrVjYAgFNbX3DItn mAJ4y3DcKhGhxq77eMJS1hoSEpOgmBSkSc/89dNcAzk7OH0jXOknhzAhgvoq5yDbJV2PcsBEZng ixNorteAGz1/SaI9xJFFLvGMRv53E7GX0c1UlalxT3j6uyvUYPGl5nVxdmJvHqpX33J0RcGvQk3 hFSUm2ZkROup+YwYJBfFQVW2R7K7vWPeGLd+TBTd9JA2lmQRNUlwdGrOYUgZOevigpTqcro6fUS FyasmFMqc2fZfZNi4jQmVhqZyUK/JEPlX/QkJ9gGqSG/c50XgNK/UZnhtRB4seGgETK4dxtCMmW J6tUT+fbL4bcNZ/0gDfUfO655AaOq1zirKOWNtZBDn6Fjq77juvFkOeR1lmBcfnL37UR/jqf43s u0XhCNKCZS/Gg93ibdAmmyaq2DZxNfs8n85Te8v7E6GNqs6ceHpSfU35Tjw154UBAehU1km8XPK 8AH+KO3QfwsVk0UbtuRXh7bFKB7sZ0+SKPtRBH6oexXoAO4lmXg+xvgFCnftLGnsoa1d0jS4W/M RhJ1X4=
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/x8QuQuDgFXuKHIPPlSDKJ7MUh10>
Subject: Re: [DNSOP] Martin Duke's Discuss on draft-ietf-dnsop-avoid-fragmentation-16: (with DISCUSS and COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2024 05:25:18 -0000

Sorry for too late reply.
Authors submitted -17 today.

> From: Martin Duke via Datatracker <noreply@ietf.org>
> Date: Tue, 02 Jan 2024 11:44:09 -0800

> Martin Duke has entered the following ballot position for
> draft-ietf-dnsop-avoid-fragmentation-16: Discuss
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-avoid-fragmentation/
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> 1) I'm unclear about Sec 4, R11 and Appendix B. When configured for minimal
> response, are responses to ALL requesters reduced in size, or only to those
> requesters that indicate a small MTU?
> 
> As DNS becomes a more important vehicle for various discovery protocols (e.g.
> ECH), I would hate for responders to globally invoke a policy that makes it
> hard to deploy those protocols. But I'm happy to discuss this.

When there is a data corresponding to the query,
each DNS response contains one RRSet that matches query (qname, qtype, qcalss)
in the authority section. (Section 4.3.2 of RFC 1034).

If a domainname have multiple HTTPS/SVC RRs (that have complex ECH),
it is an RRSet.

Many 'minimal-responses' implementations simply omit unnecessary RRs,
and the RRSet corresponding to the query responds as is.

Some query types requires additional data in the additional section.
It is written in third paragraph of Appendix B.

  For example,
  MX RR requests mail exchange's A/AAAA into the additional section.

> 2) In section 3.2, R8, please add RFC 8961 as a normative reference for how to
> set the timeout (e.g. "UDP requestors MUST observe [RFC8961] in setting their
> timeout.")

  added (but, "SHOULD")

> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Thanks to Mirja Kuhlewind for the TSVART review, and to the authors for
> responding.
> 
> (1) I support Rob's DISCUSS (and Paul's comment) about SHOULD/MAY. "do it
> unless the OS makes it impossible" is a typical use of SHOULD.

  Changed as
  "R2.  Where supported, UDP responders SHOULD set IP "Don't Fragment flag (DF) bit" [RFC0791] on IPv4.

> (2) Section 3.1, R1 says that responders SHOULD omit the fragment header. Under
> what circumstances would it be reasonable to keep it?

  Changed as "R1.  UDP responders SHOULD NOT use IPv6 fragmentation [RFC8200]."

--
Kazunori Fujiwara, JPRS <fujiwara@jprs.co.jp>

v2.23.0 | Report a Bug | By Email