Re: [Doh] [Ext] DNS Camel thoughts: TC and message size

Mukund Sivaraman <muks@mukund.org> Fri, 08 June 2018 10:24 UTC

Return-Path: <muks@mukund.org>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D62A130E6C for <doh@ietfa.amsl.com>; Fri, 8 Jun 2018 03:24:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TLHOwh1Qa5ur for <doh@ietfa.amsl.com>; Fri, 8 Jun 2018 03:24:51 -0700 (PDT)
Received: from mail.banu.com (mail.banu.com [46.4.129.225]) by ietfa.amsl.com (Postfix) with ESMTP id CFF18130E64 for <doh@ietf.org>; Fri, 8 Jun 2018 03:24:50 -0700 (PDT)
Received: from jurassic (unknown [182.156.107.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.banu.com (Postfix) with ESMTPSA id E8B8732C0AC6; Fri, 8 Jun 2018 10:24:48 +0000 (UTC)
Date: Fri, 08 Jun 2018 15:54:45 +0530
From: Mukund Sivaraman <muks@mukund.org>
To: Robert Edmonds <edmonds@mycre.ws>
Cc: Dave Lawrence <tale@dd.org>, DoH WG <doh@ietf.org>
Message-ID: <20180608102445.GB12334@jurassic>
References: <20180606093212.GA23880@server.ds9a.nl> <alpine.DEB.2.11.1806061501340.10764@grey.csi.cam.ac.uk> <F5774061-35B9-477F-ADDA-8BB3472F30EF@icann.org> <alpine.DEB.2.11.1806071121350.1809@grey.csi.cam.ac.uk> <5B71AC15-80F4-427B-BABA-1BE3C514145F@icann.org> <23321.25400.502754.584769@gro.dd.org> <20180608024515.jkimytwch7lstkxi@mycre.ws>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20180608024515.jkimytwch7lstkxi@mycre.ws>
User-Agent: Mutt/1.9.2 (2017-12-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/z8NIePtMePdVgG56lGl9TMpfm1Q>
Subject: Re: [Doh] [Ext] DNS Camel thoughts: TC and message size
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jun 2018 10:24:52 -0000

On Thu, Jun 07, 2018 at 10:45:15PM -0400, Robert Edmonds wrote:
> Dave Lawrence wrote:
> > Paul Hoffman writes:
> > > Tony is completely correct here. DNS messages have well-defined
> > > length limits: 512-or-more-depending if carried over UDP, and 65535
> > > if carried over TCP. 
> > 
> > Right.  And completely undefined over any other transport.  There is
> > no intrinsic limit to the limit of a DNS message, compression pointers
> > notwithstanding.
> 
> No, there is an intrinsic limit to the size of a DNS message. If I'm not
> mistaken:
> 
> 12 octets header
> 
> 1 question resource record:
>     255 octets QNAME
>     2 octets QTYPE
>     2 octets QCLASS
> 
> 3 response sections:
>     65535 RR's per section:
>         255 octets NAME
>         2 octets TYPE
>         2 octets CLASS
>         4 octets TTL
>         2 octets RDLENGTH
>         65535 octets RDATA
> 
> 12 + 1*(255+2+2) + 3*65535*(255+2+2+4+2+65535) = 12936609271 octets, or,
> about 13 gigs.

I think BIND will happily load, zone transfer (in and out) and store an
RRset in memory that didn't fit in 64kB. Initially for catalog zones,
we'd have used such an RRset as there's no 64kB transfer limit to an
RRset. However, anything over 64kB cannot be queried for as the server
will fail to construct a reply.

		Mukund