Re: [Doh] [Ext] DNS Camel thoughts: TC and message size

Tony Finch <dot@dotat.at> Fri, 08 June 2018 13:27 UTC

Date: Fri, 08 Jun 2018 14:26:53 +0100
From: Tony Finch <dot@dotat.at>
To: Mukund Sivaraman <muks@mukund.org>
cc: Robert Edmonds <edmonds@mycre.ws>, DoH WG <doh@ietf.org>, Dave Lawrence <tale@dd.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/khvWsrqZTHvQZMtyo0kTvhKoIsg>

Mukund Sivaraman <muks@mukund.org> wrote:
>
> I think BIND will happily load, zone transfer (in and out) and store an
> RRset in memory that didn't fit in 64kB. Initially for catalog zones,
> we'd have used such an RRset as there's no 64kB transfer limit to an
> RRset. However, anything over 64kB cannot be queried for as the server
> will fail to construct a reply.

BIND handles this better than I feared it might :-) See first dig output
below - you can axfr the zone if you want. However other implementations
did not have as much foresight - the second dig output is from a name
server hosted on the CommunityDNS anycast service - it seems to have
transferred the zone OK, though.


1. BIND

; <<>> DiG 9.13.0 <<>> +tcp +norec 65536.dotat.at in txt @grey.dotat.at
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52562
;; flags: qr aa tc; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: e70d27f85d21dee83f06c6445b1a828aed3ce0f8f53f262d (good)
;; QUESTION SECTION:
;65536.dotat.at.                        IN      TXT

;; Query time: 0 msec
;; SERVER: 2001:630:212:110::d:7a7#53(2001:630:212:110::d:7a7)
;; WHEN: Fri Jun 08 14:20:10 BST 2018
;; MSG SIZE  rcvd: 71


2. CommunityDNS

;; Warning: Message parser reports malformed message packet.

; <<>> DiG 9.13.0 <<>> +tcp +norec 65536.dotat.at in txt @ns3.gratisdns.dk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52381
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: Message has 2571 extra bytes at end

;; QUESTION SECTION:
;65536.dotat.at.                        IN      TXT

;; Query time: 24 msec
;; SERVER: 2001:678:5::6#53(2001:678:5::6)
;; WHEN: Fri Jun 08 14:21:10 BST 2018
;; MSG SIZE  rcvd: 2615


Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Malin, South Hebrides: Cyclonic 3 or 4. Moderate, occasionally slight later.
Fair then thundery showers. Good occasionally poor.
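
An added example, not part of the original message and not BIND's code: a Python sketch of a responder that checks the 65535-byte DNS message limit before emitting an RRset and falls back to an empty TC=1 reply, which is the shape of the first dig output above. The function names, the name `big.example` and the sample records are constructed for illustration, and the EDNS OPT record is left out.

```python
import struct

MAX_DNS_MESSAGE = 65535  # message length is a 16-bit field on TCP (RFC 1035 4.2.2)
TYPE_TXT, CLASS_IN = 16, 1
FLAG_QR, FLAG_AA, FLAG_TC = 0x8000, 0x0400, 0x0200

def encode_name(name):
    """Encode a domain name as uncompressed wire-format labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label length")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def encode_txt_rr(owner, ttl, data):
    """Encode one TXT RR; data is split into character-strings of <= 255 bytes."""
    rdata = b"".join(bytes([len(data[i:i + 255])]) + data[i:i + 255]
                     for i in range(0, len(data), 255)) or b"\x00"
    if len(rdata) > 0xFFFF:
        raise ValueError("RDATA exceeds 16-bit RDLENGTH")
    return owner + struct.pack("!HHIH", TYPE_TXT, CLASS_IN, ttl, len(rdata)) + rdata

def build_txt_response(qid, qname, rrset, ttl=3600):
    """Return an authoritative answer, or TC=1 with no records when the
    whole RRset cannot fit in a single DNS message."""
    owner = encode_name(qname)
    question = owner + struct.pack("!HH", TYPE_TXT, CLASS_IN)
    answers = b"".join(encode_txt_rr(owner, ttl, d) for d in rrset)
    flags, ancount = FLAG_QR | FLAG_AA, len(rrset)
    if 12 + len(question) + len(answers) > MAX_DNS_MESSAGE:
        # Never emit a partial or length-wrapped message: signal truncation.
        flags, ancount, answers = flags | FLAG_TC, 0, b""
    header = struct.pack("!HHHHHH", qid, flags, 1, ancount, 0, 0)
    return header + question + answers

def summarize(wire):
    """Header fields a monitoring check would inspect on a response."""
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", wire[:12])
    return {"tc": bool(flags & FLAG_TC), "ancount": ancount, "size": len(wire)}

if __name__ == "__main__":
    small = [b"hello"]              # constructed sample RRset
    oversize = [b"x" * 1024] * 64   # constructed: more than 64kB once encoded
    print(summarize(build_txt_response(1, "big.example", small)))
    print(summarize(build_txt_response(2, "big.example", oversize)))
```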