[DNSOP] Hybrid Resolver/ DNS invariants
Davey Song <songlinjian@gmail.com> Tue, 16 June 2020 02:24 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/zxhhO1uJyK3os-6gYDONDzwSlec>
Hi folks,

I happened to run into a discussion of behaviors of Hybrid Resolver/ DNS invariants where some of the non-typical uses of DNS are listed, especially on the resolver. I'm encouraged to put them down as a requirement draft of these uses of DNS and ask the mailing list whether it is a good idea. I hope it is helpful to provide information including risk for people who are doing or going to do the same thing.

There are some existing cases in the discussion:

1. A resolver syncs (pull or receive server push) with an authoritative server. It reduces the recursion and resolves the very-short TTL requirement. RFC7706 provides an approach. Other resolveless approaches are used as well.
2. A resolver can forward queries to another resolver if the load is high to reduce the recursion.
3. A resolver/authoritative server mode serving Apps via DoH or other Application-level DNS. Operators of apps can edit each response on demand and propagate the changes of DNS RR in seconds. It also provides a private zone and names for each App.
4. A Hybrid DNS which is used as a name server but caches and pulls the authoritative data from another authoritative server. It provides an approach to easily scale the system without any change of existing authoritative DNS.

Do you think it is a useful effort for DNSOP WG? Any suggestions or observed related discussions on the DNS invariants?

Best regards,
Davey