IETF Logo Mail Archive

Re: [dnssd] Adoption call for draft-sctl-advertising-proxy

Jonathan Hui <jonhui@google.com> Fri, 13 August 2021 22:24 UTC

Return-Path: <jonhui@google.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 312AE3A28AA for <dnssd@ietfa.amsl.com>; Fri, 13 Aug 2021 15:24:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -18.097
X-Spam-Level:
X-Spam-Status: No, score=-18.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.499, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fGUm245WeBNa for <dnssd@ietfa.amsl.com>; Fri, 13 Aug 2021 15:24:52 -0700 (PDT)
Received: from mail-oi1-x22e.google.com (mail-oi1-x22e.google.com [IPv6:2607:f8b0:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 79D373A28A3 for <dnssd@ietf.org>; Fri, 13 Aug 2021 15:24:52 -0700 (PDT)
Received: by mail-oi1-x22e.google.com with SMTP id w6so18020240oiv.11 for <dnssd@ietf.org>; Fri, 13 Aug 2021 15:24:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/r4NGcL5k+fiNeheeN8uBdqBtgh/d9587eRdaIqGj64=; b=MSJ8kGNYam64WnLiL1Kj7cmsGsgLKCJVk5OO6+bE8ZQDblNmFRTcznMEF/8lWKcOyH R8LcWdx5MrtCEX0RAGJdlj56nlum8+7931HhYCn5J+pnx1OjbrW25NKzEs5YMF76zIuH Uhf/PqkGptT1dlR1Ir1jy7cdM0+k+DetdB8/o/kZI8XFvJpd9pI4AKtV0+LqclYmcf3U G7ifPNt3gWOusLyxsntSCHgnWAQPiUYPk5+pLMDHhBys+VvRDoM4bHniPDOT72tc/i1O adP0354QZaWn4Pa345VqiQUH9flbf5wpRY+bHAHw7A9NtQP2TEM3/GmkkS7hkFWyr/Pe vIYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/r4NGcL5k+fiNeheeN8uBdqBtgh/d9587eRdaIqGj64=; b=knKUMBSnHqgIwAhU6prjrcuQayCRJpUIvzkDLZ87A9Q+eCVgZOb/H9lHLYgfXT8Y5Q r8ALhOQ52X+cwMXpPfid/JZUYlhsxKyVPh2NYmMhFK8cWTW//Pas2tvZjNHWNVUK/Pkw qtb+QAoYM7IQmE1GKYnCPeykj9DPLIZgJ4lrp5Je6aC0lrkpCSNWQrexSTundPlrCkLt FlfcO9s5/l/seEqH0klBG0jiDHj3V4nV46GSBA0TvKRB3HC1u7NCMN7MpkZzu5LkqQ+O 1UtNvrGuhw6mBh6gFxAbgsnlnZi5zdLwIj0NTXzPz/aacM2orFJneACQE9eQGtgx0Qhy jRrQ==
X-Gm-Message-State: AOAM532akZ4NfSdyza+wac8hmEGXuHi3XKCZCvMJGDiEEdCta3X0vo31 1on+j6hJhsEf9kZeDG0SijAsowIvO96ISrenOfC9HwouFJ0=
X-Google-Smtp-Source: ABdhPJxttz7DSII3MVnOcFEsChmXOmTrtqOrtDGTDNFRCAYooA3++n5V1VIxHQ3b8naeTVzoO3kpE+6zt4ggZlTdGtY=
X-Received: by 2002:a05:6808:d53:: with SMTP id w19mr3869332oik.24.1628893490726; Fri, 13 Aug 2021 15:24:50 -0700 (PDT)
MIME-Version: 1.0
References: <CADPZrgTu8QeR=yAM+9w0zDJ45Uz7Lgs12-6PKzutTW_p1RkA4Q@mail.gmail.com> <CAPt1N1=NgRRVnD1L_dJ_mZYuE5ReXOv0sK_cL6RcjcmpdQZOYg@mail.gmail.com> <CAGwZUDsWat3yPFt49t-YYdEee9Ck9bq=Fq+c-mgorocfUN22bQ@mail.gmail.com> <CAPt1N1nhNeXPOidkJRGEM=D-Nd+Nb8zndCCGhMJoTXS6POBbUA@mail.gmail.com>
In-Reply-To: <CAPt1N1nhNeXPOidkJRGEM=D-Nd+Nb8zndCCGhMJoTXS6POBbUA@mail.gmail.com>
From: Jonathan Hui <jonhui@google.com>
Date: Fri, 13 Aug 2021 15:24:39 -0700
Message-ID: <CAGwZUDvgFM33rnRkn0VZAx5fd+J-1LmwohoxmzSv0H0n=7pYow@mail.gmail.com>
To: Ted Lemon <mellon@fugue.com>
Cc: dnssd@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e49acf05c9785182"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/XVBrtQ4-UdOzxVP_YVo098bHJlY>
Subject: Re: [dnssd] Adoption call for draft-sctl-advertising-proxy
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Aug 2021 22:24:58 -0000

On Fri, Aug 13, 2021 at 1:07 PM Ted Lemon <mellon@fugue.com> wrote:

> On August 13, 2021 at 1:49:37 PM, Jonathan Hui (jonhui@google.com) wrote:
>
> On Wi-Fi, the device needs to discover the SRP server. Why can't
> dnssd-zone-discover help with that? If there is a single SRP server in the
> network and it is servicing both Wi-Fi and Thread networks, we don't need
> to deal with conflicts. If there are multiple SRP servers, then I hope SRP
> replication will address the vast majority of cases.
>
> dnssd-zone-discover lets you discover DNSSD zones that you can browse. It
> doesn't tell you about the SRP server.
>
Ah, yes, I was confused. Thanks for clarifying.

> We need a different DNSSD advertisement for that. Not a big deal.
>
Yes, agreed.

> Yes. Well, FWIW, my current code does both SRP replication _and_ doesn't
> defend names, so we may be getting operational experience on both. :)
>
That's great to hear!

> Another thing to be aware of is that because of the way mDNS works, if you
> are using mDNS for discovery, a name conflict when names aren't being
> defended will sit around in the cache for a few minutes. If names are
> defended, this doesn't happen; one alternative is to just defend names and
> count on SRP to deal with conflicts, but the downside of this is that now
> there is a delay before the new information appears.
>
> This delay could potentially be minimized by retrying to register as soon
> as the SRP replication update has been acknowledged by all SRP replication
> peers—right now my code (when name defense is enabled) just waits two
> minutes before re-attempting, which is a lot longer than should be
> necessary.
>
Sounds like a good idea to explore. My initial concern is that waiting for
positive confirmation from all peers can lead to other failure modes
resulting from poor implementation or connectivity. At the same time, those
same assumptions are what would lead us back to needing other mitigations.

--
Jonathan Hui

v2.23.0 | Report a Bug | By Email