[Doh] DNS over HTTP/3?

bert hubert <bert.hubert@powerdns.com> Mon, 19 November 2018 10:10 UTC

Return-Path: <bert@hubertnet.nl>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DB5B129C6B for <doh@ietfa.amsl.com>; Mon, 19 Nov 2018 02:10:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.652
X-Spam-Level:
X-Spam-Status: No, score=-1.652 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EbgWS-pRU7R2 for <doh@ietfa.amsl.com>; Mon, 19 Nov 2018 02:10:05 -0800 (PST)
Received: from xs.powerdns.com (xs.powerdns.com [82.94.213.34]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6DA212F1A5 for <doh@ietf.org>; Mon, 19 Nov 2018 02:10:05 -0800 (PST)
Received: from server.ds9a.nl (ip565244ed.adsl-surfen.hetnet.nl [86.82.68.237]) by xs.powerdns.com (Postfix) with ESMTPS id AE76C9FD6E for <doh@ietf.org>; Mon, 19 Nov 2018 10:09:54 +0000 (UTC)
Received: by server.ds9a.nl (Postfix, from userid 1000) id 81DA8ACA4A1; Mon, 19 Nov 2018 11:09:54 +0100 (CET)
Date: Mon, 19 Nov 2018 11:09:54 +0100
From: bert hubert <bert.hubert@powerdns.com>
To: doh@ietf.org
Message-ID: <20181119100954.GA6704@server.ds9a.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/3fiC6-jbfk5K62tOAA2buNGpvkE>
Subject: [Doh] DNS over HTTP/3?
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Nov 2018 10:10:07 -0000

Hi everyone,

Now that we are still here, perhaps some work is left for us, but I'm not
sure.

I've observed that the thousands of users of doh.powerdns.org (I also do not
know how this happened) take around 22 packets per DNS query/response.

Larger scale adoption of TLSv1.3 might improve this somewhat, but it is a
big number.

I've also personally observed that a "slightly suboptimal" network
absolutely kills browsing performance in Firefox Nightly using DoH.  A naive
calculation shows that 0.5% packet loss turns into a 5% failure rate per DoH
query, which then can cause Head of Line blocking for further queries, which
cascades into "blank pages" getting rendered.

Of course, once we have HTTP/3, DNS over HTTP/3 would suffer way less from
incidental packet loss, and in general there would be a lot less packets
too.

My question now is, is there any specific work to be done for DoH/3? Are
there numbers, priorities, features you'd want or not want to use to make
things work well?

In other words, to the sound of a groaning camel, do we need a draft? Or a
section in the HTTP/3 I-D?

And, perhaps somewhat more provocatively, should we maybe not start pushing
DoH/2 if it leaves people with a sub-standard experience, causing them to
disable DoH?  DoH/3 might be somewhat of a wait but it might prevent that
sour taste from developing.

I'd love to hear your thoughts!

	Bert
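The loss amplification and head-of-line blocking described in the mail above, as an added example that is not part of the original message or of PowerDNS code: a small Python model that (a) applies the naive rule "a query stalls if any one of its packets is lost", and (b) replays the same drawn loss events through two transport models, a single TCP byte stream as used by HTTP/2, where a lost segment also stalls every query queued behind it on that connection, and per-stream recovery as in QUIC/HTTP/3, where only the query whose own packet was lost waits. The packets-per-query count, the batch of concurrently in-flight queries, and the independent-loss model are assumptions chosen for illustration, not figures taken from the mail.

```python
import random


def query_stall_probability(loss_rate: float, packets_per_query: int) -> float:
    """Naive per-query model: independent packet losses, and a query stalls
    (waits for a retransmission) if at least one of its packets is lost.
    Assumption for illustration: losses are independent and identically likely."""
    return 1.0 - (1.0 - loss_rate) ** packets_per_query


def draw_losses(n_queries: int, packets_per_query: int, loss_rate: float, seed: int) -> list:
    """Construct one loss event per query: True if any of its packets was lost.
    The same draw is fed to both transport models so they are compared fairly."""
    rng = random.Random(seed)
    return [
        any(rng.random() < loss_rate for _ in range(packets_per_query))
        for _ in range(n_queries)
    ]


def stalled_per_stream(lost: list) -> int:
    """QUIC / HTTP/3 model: a lost packet only delays the stream it belongs to,
    so the stalled queries are exactly the ones that lost a packet."""
    return sum(1 for was_lost in lost if was_lost)


def stalled_single_byte_stream(lost: list, inflight: int) -> int:
    """TCP / HTTP/2 model: queries are multiplexed onto one ordered byte stream,
    `inflight` at a time. The first loss within a batch holds back that query
    and every query queued behind it in the batch until the retransmit arrives
    (head-of-line blocking). `inflight` is an assumed concurrency level."""
    stalled = 0
    for start in range(0, len(lost), inflight):
        batch = lost[start:start + inflight]
        for i, was_lost in enumerate(batch):
            if was_lost:
                stalled += len(batch) - i
                break
    return stalled


def compare_transports(n_queries: int = 2000, packets_per_query: int = 10,
                       loss_rate: float = 0.005, inflight: int = 8, seed: int = 7) -> dict:
    """Run both models on one shared set of loss events and return the counts."""
    lost = draw_losses(n_queries, packets_per_query, loss_rate, seed)
    return {
        "queries": n_queries,
        "h3_stalled": stalled_per_stream(lost),
        "h2_stalled": stalled_single_byte_stream(lost, inflight),
    }


if __name__ == "__main__":
    # Constructed parameters: 0.5% loss and an assumed 10 packets per query.
    print("naive per-query stall probability:",
          round(query_stall_probability(0.005, 10), 4))
    result = compare_transports()
    print("stalled queries, per-stream recovery (HTTP/3 model):", result["h3_stalled"])
    print("stalled queries, single byte stream (HTTP/2 model): ", result["h2_stalled"])
```

The per-query probability is deliberately the "naive calculation" shape, 1 - (1 - p)^n; changing `packets_per_query` shows how quickly a small loss rate compounds over a multi-packet exchange. The second part isolates the head-of-line effect: the same loss events produce strictly more stalled queries once they are serialised onto one TCP stream than when each query recovers on its own stream.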