Re: [Driu] Fwd: New Version Notification for draft-pusateri-dhc-dns-driu-00.txt

Bob Harold <rharolde@umich.edu> Thu, 05 July 2018 18:49 UTC

Return-Path: <rharolde@umich.edu>
X-Original-To: driu@ietfa.amsl.com
Delivered-To: driu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41D15130F06 for <driu@ietfa.amsl.com>; Thu, 5 Jul 2018 11:49:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umich.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nVu9bytNL0Cm for <driu@ietfa.amsl.com>; Thu, 5 Jul 2018 11:49:45 -0700 (PDT)
Received: from mail-lf0-x234.google.com (mail-lf0-x234.google.com [IPv6:2a00:1450:4010:c07::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5607130F44 for <driu@ietf.org>; Thu, 5 Jul 2018 11:49:45 -0700 (PDT)
Received: by mail-lf0-x234.google.com with SMTP id y127-v6so7776203lfc.8 for <driu@ietf.org>; Thu, 05 Jul 2018 11:49:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umich.edu; s=google-2016-06-03; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=NirSPtRhQ8basMKaRhSokExN3pkt4KaND9PuLNTZi0Y=; b=egR596ACE3lfPEYY4kX1lR5K8gEGTR5VU5rpHqAQOZvG5ha+m0L2g52b3iN6YTjJA4 F/PHdBY1qO2cvMSFjlCzXDYUjlyTpwdQNUrKmpz/KpI91uM7SSf4VtkCqbSuX1O2lKTr u1bzNBvnmMe+4GKXn6Aedx/UAgaYelGQViep/XWtPFNbTT+z0M9wdCVBiOUuV0oeuXD6 F1WvSs9cBhQp7kL4cVQOgPGI+pe9TqS1BmAm2TLKHVjbFWCXNfSEwJwH8LmxVHvr28aq 0t5gQHAIqPsD+AaC97BvZSwKBWxVxuyebaWYWV+N6ctLNnaz/y2+QNNQAz+8NfrK0ey5 NLIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=NirSPtRhQ8basMKaRhSokExN3pkt4KaND9PuLNTZi0Y=; b=d3vJ5CjoQCuaaqr+pWoGDRNLSTk/tXg2YARYR0UV3e2T9hvHJtF09bArROdBKvG58Y ox9MOwJAqUYX7cXvNm4jnhUwyIeTRc5s8GIQ0LbZB9Ac/0RGiodzWu6u6E+p91Eq9QdV tBrypNmIeaaB+kM61tOw/ExCyS4lEv/5+Wsj+cy9TxqdQN8x0Xx6wq6NFtdzeAiHNWTW gcq95QuG5laP9kcN6S2KeEWEvN7amWTPzMP8VAxNIr9zBxWZONX07n9zh3K1KI/yd/2o +k4zISrGWDo0FKMLoMk/88a8kaOhlD54ZllBdney82zLH/4Id48VOPtS1PrHXP7lF+pX vT0g==
X-Gm-Message-State: APt69E0j1h6ZQCpr8vnoyc1dEHyWgCQjmKtrZ0S6AGC4JpI2FYIO2SK7 4C4p2yGGnjXKINyJTLZGfYVjb4GhVyMjK91gGFvZKw==
X-Google-Smtp-Source: AAOMgpfURi5DLduf/cDs8D3hYK+89Zwrio480h4LDRxIitFeyFUg0/19It0biSkB8UDXBNHWZ94o0YTzWguMliK6GUw=
X-Received: by 2002:a19:b2c7:: with SMTP id t68-v6mr5015988lfk.132.1530816583676; Thu, 05 Jul 2018 11:49:43 -0700 (PDT)
MIME-Version: 1.0
References: <153056107621.16040.1439553172883571734.idtracker@ietfa.amsl.com> <8354E402-C699-46FB-AC95-99BA7AAF03A1@bangj.com> <CA+nkc8BKC3SmfhjCcymE=euNbaw7TymBZbyHLsrDGZ5BqcTJiA@mail.gmail.com> <0AF05538-82F2-4F7E-892B-98E211CA596F@bangj.com>
In-Reply-To: <0AF05538-82F2-4F7E-892B-98E211CA596F@bangj.com>
From: Bob Harold <rharolde@umich.edu>
Date: Thu, 5 Jul 2018 14:49:31 -0400
Message-ID: <CA+nkc8CpKuzD6oXMr7RDpnM8LrYVnLN8oSh2K+eoetc9UD+kEg@mail.gmail.com>
To: pusateri@bangj.com
Cc: driu@ietf.org
Content-Type: multipart/alternative; boundary="000000000000afc9b00570450240"
Archived-At: <https://mailarchive.ietf.org/arch/msg/driu/MtvxQPV7UOPeWfNeAlIzVy1ahnQ>
Subject: Re: [Driu] Fwd: New Version Notification for draft-pusateri-dhc-dns-driu-00.txt
X-BeenThere: driu@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "DNS Resolver Identification and Use \(DRIU\)." <driu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/driu>, <mailto:driu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/driu/>
List-Post: <mailto:driu@ietf.org>
List-Help: <mailto:driu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/driu>, <mailto:driu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jul 2018 18:49:50 -0000

On Thu, Jul 5, 2018 at 2:02 PM Tom Pusateri <pusateri@bangj.com> wrote:

>
>
> On Jul 5, 2018, at 1:39 PM, Bob Harold <rharolde@umich.edu> wrote:
>
> I have concern:
>
> 3. DHCPv6 Encapsulating Options
>
> "There is no order
> implied by the order of options sent or received. It is up to the
> receiving client to determine which order to use the DNS server
> configurations."
>
> Let's not wait for some non-standard way to decide the order. Please add
> 'priority' (and possibly 'weight') fields to the "OPTION_DNS_TLS" now, like
> in MX and SRV records.
>
>
> Willem has said that from experience with Stubby, that the client should
> determine the order it uses the discovered DNS servers. The network
> operator advertising the list doesn’t necessarily have real time data to
> determine response times, delays, etc. I’m happy to discuss this more. Why
> should the network operator dictate this?
>
> I would think that the network operator, who can set the option per
subnet, would have a better idea where the subnet is, than a client machine
that roams from place to place and usually does not know where it is
located.  If the operator lists more than one server, there is likely to be
a need to designate primary vs backup in some cases.  If the client knows
better, it can certainly have its own list, and ignore or append what the
network recommends.  But the network knows better what will be faster or
even reachable from a given subnet, in my opinion.  (I run the DHCP servers
at my location, so I am probably biased.)

-- 
Bob Harold


> -------
> And a question:
>
> Appendix A. ISC DHCPv6 Configuration Example
>
> "option tls.adn code 228 = domain-list;
>
> option tls.adn "dns.quad9.net";"
>
> Why is this defined as a list, but only a single domain is configured. And
> the text (in 1. Introduction) indicates only one domain is allowed per
> option. Is there a single domain format that should be used?
>
>
> Yeah, this is a bug in the ISC config file. I will fix the example.
>
> Thanks,
> Tom
>
>