Re: [Doh] [Ext] DNS Camel thoughts: TC and message size

Paul Hoffman <paul.hoffman@icann.org> Thu, 07 June 2018 13:40 UTC

Return-Path: <paul.hoffman@icann.org>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9055E1310CD for <doh@ietfa.amsl.com>; Thu, 7 Jun 2018 06:40:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.107
X-Spam-Level:
X-Spam-Status: No, score=-1.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e6gPl9jgyyKl for <doh@ietfa.amsl.com>; Thu, 7 Jun 2018 06:40:31 -0700 (PDT)
Received: from out.west.pexch112.icann.org (unknown [64.78.40.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E14A1310CC for <doh@ietf.org>; Thu, 7 Jun 2018 06:40:31 -0700 (PDT)
Received: from PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) by PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Thu, 7 Jun 2018 06:40:29 -0700
Received: from PMBX112-W1-CA-1.pexch112.icann.org ([64.78.40.21]) by PMBX112-W1-CA-1.PEXCH112.ICANN.ORG ([64.78.40.21]) with mapi id 15.00.1367.000; Thu, 7 Jun 2018 06:40:29 -0700
From: Paul Hoffman <paul.hoffman@icann.org>
To: Tony Finch <dot@dotat.at>
CC: DoH WG <doh@ietf.org>
Thread-Topic: [Doh] [Ext] DNS Camel thoughts: TC and message size
Thread-Index: AQHT/kr9sCZvhcrcI0uOMRalB8RQXqRVQvMA
Date: Thu, 7 Jun 2018 13:40:29 +0000
Message-ID: <5B71AC15-80F4-427B-BABA-1BE3C514145F@icann.org>
References: <20180606093212.GA23880@server.ds9a.nl> <alpine.DEB.2.11.1806061501340.10764@grey.csi.cam.ac.uk> <F5774061-35B9-477F-ADDA-8BB3472F30EF@icann.org> <alpine.DEB.2.11.1806071121350.1809@grey.csi.cam.ac.uk>
In-Reply-To: <alpine.DEB.2.11.1806071121350.1809@grey.csi.cam.ac.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [192.0.32.234]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <3FFB04715D0BD842BDF0E10BB764A4F5@pexch112.icann.org>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/27JgZ3g0g2_cGR_uMjLosEsWY3U>
Subject: Re: [Doh] [Ext] DNS Camel thoughts: TC and message size
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jun 2018 13:40:33 -0000

On Jun 7, 2018, at 3:33 AM, Tony Finch <dot@dotat.at>; wrote:
> 
> Paul Hoffman <paul.hoffman@icann.org>; wrote:
>> 
>> DNS-over-TCP is defined in RFC 1035 and significantly updated in RFC
>> 7766. Unless I'm missing something, neither of those document support
>> the 65535 length restriction;
> 
> The restriction comes from the 2 octet message length field, RFC 1035
> section 4.2.2.

Ow! (I just slammed my forehead into the desk because this should have been obvious to me.)

Tony is completely correct here. DNS messages have well-defined length limits: 512-or-more-depending if carried over UDP, and 65535 if carried over TCP.

Bert's proposal is fine with me. The fact that RFC 7766 didn't mention this limitation doesn't change anything.

> EDNS buffer sizes need to be handled the samee as for TCP as well.

RFC 6891 says that the payload size is for transport over UDP, not TCP. What change are you requesting here?

--Paul Hoffman