Re: [DNSOP] Fundamental ANAME problems

Dan York <york@isoc.org> Tue, 06 November 2018 15:56 UTC

From: Dan York <york@isoc.org>
To: Olli Vanhoja <olli@zeit.co>
CC: "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: [DNSOP] Fundamental ANAME problems
Thread-Index: AQHUcjMbISkZgf9GuEewb6XmP1KpcqU83bOAgAGN8QCAAAgCAIAArT8AgAAVvwCAAEjxAIAAGVcAgALWmgCAAH6ZgA==
Date: Tue, 06 Nov 2018 15:56:22 +0000
Message-ID: <AB45F69E-A3CD-4381-B146-AC5393C4EC38@isoc.org>
References: <CAH1iCirXYsYB3sAo8f1Jy-q4meLmQAPSFO-7x5idDufdT_unXQ@mail.gmail.com> <CA+nkc8C6yVT62cW5QP-ec2ZT7FY_n48Ecr=CLeE6FS_1duBO8g@mail.gmail.com> <CAJhMdTOwU88BkukodL_zXcK1=JenExX4HL46Zzbw=+btLbDG2A@mail.gmail.com> <20181103193258.GE20885@besserwisser.org> <3E93AE5D-C8AC-496E-85DB-57E6F8E92DF5@frobbit.se> <00158263-85dd-69ce-5299-13ff4c2411c5@bellis.me.uk> <DCBDB76E-E9E8-4FAE-9EF4-56EABFFA9AD1@frobbit.se> <17c409ef-207a-2e53-3496-d98727ecb71d@bellis.me.uk> <CABrJZ5EWGZcxhxf+VxuRsS+b7eX8cYsLGrHOrVzk_qmoFDKh7A@mail.gmail.com>
In-Reply-To: <CABrJZ5EWGZcxhxf+VxuRsS+b7eX8cYsLGrHOrVzk_qmoFDKh7A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
received-spf: None (protection.outlook.com: isoc.org does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; boundary="Apple-Mail=_06CF9302-27E6-4CC9-B596-BEE156216A55"; protocol="application/pkcs7-signature"; micalg="sha1"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: bff4e111-c5d7-463d-b250-08d64400664a
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2018 15:56:22.5553 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0601MB1138
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/zmgRPPDG8tgAEcKzq6Sla040tI8>
Subject: Re: [DNSOP] Fundamental ANAME problems
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Nov 2018 15:56:30 -0000

Olli,

> On Nov 6, 2018, at 3:23 PM, Olli Vanhoja <olli@zeit.co> wrote:
> 
> In fact if you look at the DNS records some big Internet companies
> they rarely use CNAMEs for www but instead you'll see an A record, that might
> be even backed by a proprietary ANAME solution.

One detail about this is that if the CDN being used by the large Internet company is *also* providing the DNS hosting for the Internet company, then the CDN will do its resolution internally and return A / AAAA records directly. 

I did not do the kind of large scale measurement that Thomas Peterson did, but in anecdotally looking at the www records for a number of sites returning A/AAAA records, I often saw that the ones returning A / AAAA records also had NS records pointing to name servers run by CDNs I could recognize.  (I mentioned this in a note currently as section 2.1 of https://datatracker.ietf.org/doc/draft-york-dnsop-cname-at-apex-publisher-view/ <https://datatracker.ietf.org/doc/draft-york-dnsop-cname-at-apex-publisher-view/>  )

So yes, in those cases the A record is being dynamically created by whatever (potentially proprietary) ANAME/CNAME-like solution the CDN vendor is using internally in their DNS hosting operations. 

Dan

--
Dan York
Director, Content & Web Strategy, Internet Society
york@isoc.org   +1-802-735-1624 
Jabber: york@jabber.isoc.org  Skype: danyork   http://twitter.com/danyork

http://www.internetsociety.org/

Attachment: smime.p7s

[DNSOP] Fundamental ANAME problems Brian Dickson
Re: [DNSOP] Fundamental ANAME problems John Levine
Re: [DNSOP] Fundamental ANAME problems Brian Dickson
Re: [DNSOP] Fundamental ANAME problems John R Levine
Re: [DNSOP] Fundamental ANAME problems Paul Vixie
Re: [DNSOP] Fundamental ANAME problems Matthijs Mekking
Re: [DNSOP] Fundamental ANAME problems Tony Finch
Re: [DNSOP] Fundamental ANAME problems Måns Nilsson
Re: [DNSOP] Fundamental ANAME problems Erik Nygren
Re: [DNSOP] Fundamental ANAME problems Bob Harold
Re: [DNSOP] Fundamental ANAME problems Richard Gibson
Re: [DNSOP] Fundamental ANAME problems Paul Vixie
Re: [DNSOP] Fundamental ANAME problems Christian Huitema
Re: [DNSOP] Fundamental ANAME problems John R Levine
Re: [DNSOP] Fundamental ANAME problems Lanlan Pan
Re: [DNSOP] Fundamental ANAME problems Joe Abley
Re: [DNSOP] Fundamental ANAME problems Måns Nilsson
Re: [DNSOP] Fundamental ANAME problems Patrik Fältström
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Paul Vixie
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Brian Dickson
Re: [DNSOP] Fundamental ANAME problems Patrik Fältström
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Paul Ebersman
Re: [DNSOP] Fundamental ANAME problems Paul Ebersman
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
[DNSOP] CNAME at apex - a website publisher persp… Dan York
Re: [DNSOP] Fundamental ANAME problems Måns Nilsson
Re: [DNSOP] Fundamental ANAME problems Joe Abley
Re: [DNSOP] Fundamental ANAME problems manu tman
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Paul Ebersman
Re: [DNSOP] Fundamental ANAME problems Jim Reid
Re: [DNSOP] Fundamental ANAME problems Paul Vixie
Re: [DNSOP] Fundamental ANAME problems Paul Vixie
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Paul Vixie
Re: [DNSOP] Fundamental ANAME problems Mark Andrews
Re: [DNSOP] Fundamental ANAME problems Tony Finch
Re: [DNSOP] Fundamental ANAME problems Mark Andrews
Re: [DNSOP] Fundamental ANAME problems Patrik Fältström
Re: [DNSOP] Fundamental ANAME problems Joe Abley
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Olli Vanhoja
Re: [DNSOP] Fundamental ANAME problems Thomas Peterson
Re: [DNSOP] Fundamental ANAME problems Tony Finch
Re: [DNSOP] Fundamental ANAME problems Joe Abley
Re: [DNSOP] Fundamental ANAME problems Patrik Fältström
Re: [DNSOP] Fundamental ANAME problems Dan York
[DNSOP] Further ANAME minimization /\ Ray converg… Tony Finch
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Ray Bellis
Re: [DNSOP] Further ANAME minimization /\ Ray con… Ray Bellis
Re: [DNSOP] Fundamental ANAME problems Tony Finch
Re: [DNSOP] Further ANAME minimization /\ Ray con… Ray Bellis
Re: [DNSOP] Further ANAME minimization /\ Ray con… Tony Finch
Re: [DNSOP] Fundamental ANAME problems Patrik Fältström
Re: [DNSOP] Further ANAME minimization /\ Ray con… Matthijs Mekking
Re: [DNSOP] Further ANAME minimization /\ Ray con… Richard Gibson
Re: [DNSOP] Further ANAME minimization /\ Ray con… Tim Wicinski
Re: [DNSOP] Further ANAME minimization /\ Ray con… Ray Bellis
Re: [DNSOP] Further ANAME minimization /\ Ray con… Michael J. Sheldon
Re: [DNSOP] Further ANAME minimization /\ Ray con… tjw ietf
Re: [DNSOP] Further ANAME minimization /\ Ray con… Kevin Darcy
Re: [DNSOP] Fundamental ANAME problems Richard Gibson
Re: [DNSOP] Fundamental ANAME problems Matthijs Mekking
Re: [DNSOP] Fundamental ANAME problems Tim Wicinski
Re: [DNSOP] Fundamental ANAME problems Tony Finch
Re: [DNSOP] Fundamental ANAME problems Bob Harold
Re: [DNSOP] Fundamental ANAME problems Richard Gibson
Re: [DNSOP] Fundamental ANAME problems Matthijs Mekking
Re: [DNSOP] Fundamental ANAME problems Thomas Peterson
Re: [DNSOP] Fundamental ANAME problems Tim Wicinski

Re: [DNSOP] Fundamental ANAME problems

Attachment: smime.p7s