Re: [dnssd] SRP Update: which A/AAAA records to include?

Esko Dijk <esko.dijk@iotconsultancy.nl> Wed, 18 May 2022 14:13 UTC

From: Esko Dijk <esko.dijk@iotconsultancy.nl>
To: Ted Lemon <mellon@fugue.com>
CC: "dnssd@ietf.org" <dnssd@ietf.org>
Date: Wed, 18 May 2022 14:13:05 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/BykRn6O4EKPEz0a1xvSlQah--94>

Yes, I think the RFC 8766 section 5.5.2 is like the long version of my text proposal! (Hence the ‘SHOULD’: publish all your addresses except the ones that make no sense to your target audience.)
We don’t have to repeat a long list in the SRP draft, but I think including a sentence with the short version would be useful. It could also make reference to RFC 8766.

Thanks
Esko

From: Ted Lemon <mellon@fugue.com>
Sent: Wednesday, May 18, 2022 16:05
To: Esko Dijk <esko.dijk@iotconsultancy.nl>
Cc: dnssd@ietf.org
Subject: Re: [dnssd] SRP Update: which A/AAAA records to include?

I think the advice in RFC 8766 section 5.5.2 is relevant here. So any address that would only be reachable on the same link as the client probably shouldn’t be sent. But I think this is somewhat domain-specific. E.g., Thread has a mesh-local prefix. Maybe we want to allow mesh-local addresses for stability when mesh clients are discovering each other? At present I think ADK just sends off-mesh-reachable addresses. Dunno about OpenThread.

On Wed, May 18, 2022 at 09:59 Esko Dijk <esko.dijk@iotconsultancy.nl> wrote:
Hello,

Here is a question about draft-ietf-dnssd-srp-13: Section 2.2.1 defines what to publish in an SRP Update. It also refers to RFC 6763 for more details.
But, I cannot find what A / AAAA records a client should publish with an SRP Update, from the following text:

*  The Host Description records for a service are a KEY RR, used to
      claim exclusive ownership of the service registration, and one or
      more RRs of type A or AAAA, giving the IPv4 or IPv6 address(es) of
      the host where the service resides.

Is it all addresses? Or would a subset be okay also? RFC 6763 also does not mention more on this A / AAAA selection.
I found it more clear for mDNS RFC 6762:


   When a Multicast DNS responder sends a Multicast DNS response message
   containing its own address records, it MUST include all addresses
   that are valid on the interface on which it is sending the message,

But the case of SRP is different. We could add for SRP in 2.2.1:

“The Host Description records SHOULD include A and AAAA records for all IP addresses via which the service can be reached by all hosts that might query the DNS.”

This formulation borrows from 2.3.1.3, but now applied to the perspective of the SRP client. E.g., a link-local address is excluded due to this formulation. Also, particular (ULA) addresses can be excluded if the client knows they have a very limited scope of routing.

Regards
Esko

IoTconsultancy.nl  |  Email/Teams: esko.dijk@iotconsultancy.nl  |  +31 6 2385 8339
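
The selection rule discussed in this thread, sketched as an added example (it is not text from the SRP draft and not code from ADK or OpenThread): drop addresses that only make sense on the local link, and drop prefixes the client knows have limited routing scope, such as a mesh-local ULA prefix. The function name, the prefix parameter and all addresses below are hypothetical and constructed for illustration.

```python
import ipaddress

# Constructed sample: addresses a host might have configured.
CANDIDATES = [
    "fe80::1c2d:3eff:fe4f:5a6b%wpan0",   # IPv6 link-local, with zone index
    "fd11:22:33:0:aaaa:bbbb:cccc:dddd",  # ULA inside the mesh-local prefix
    "fd99:1:2:3::10",                    # ULA routable beyond the mesh
    "2001:db8:1::10",                    # global-scope style address
    "169.254.10.20",                     # IPv4 link-local
    "192.0.2.15",
    "::1",                               # loopback
]
MESH_LOCAL = ["fd11:22:33::/64"]         # assumed mesh-local prefix


def select_srp_addresses(candidates, limited_scope_prefixes=()):
    """Split candidates into records to publish and addresses to withhold.

    Returns (publish, skipped): publish is a list of (rrtype, address)
    tuples, skipped maps each withheld address to the reason.
    """
    limited = [ipaddress.ip_network(p) for p in limited_scope_prefixes]
    publish, skipped = [], {}
    for text in candidates:
        # Strip an IPv6 zone index ("%wpan0") before parsing.
        addr = ipaddress.ip_address(text.split("%", 1)[0])
        if addr.is_unspecified or addr.is_loopback or addr.is_multicast:
            reason = "not a usable unicast address"
        elif addr.is_link_local:
            reason = "link-local: only reachable on the same link"
        elif any(addr.version == n.version and addr in n for n in limited):
            reason = "prefix known to have limited routing scope"
        else:
            reason = None
        if reason:
            skipped[str(addr)] = reason
            continue
        record = ("A" if addr.version == 4 else "AAAA", str(addr))
        if record not in publish:        # avoid duplicate RRs
            publish.append(record)
    return publish, skipped


if __name__ == "__main__":
    records, withheld = select_srp_addresses(CANDIDATES, MESH_LOCAL)
    for rrtype, address in records:
        print(f"publish {rrtype:<4} {address}")
    for address, why in withheld.items():
        print(f"skip    {address}  ({why})")
```

Whether mesh-local addresses belong in the skip list is the domain-specific choice raised in the reply; passing an empty prefix list publishes them.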
