Re: [Driu] Fwd: New Version Notification for draft-pusateri-dhc-dns-driu-00.txt

Tom Pusateri <> Thu, 05 July 2018 19:31 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DC4CE130E01 for <>; Thu, 5 Jul 2018 12:31:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ZWmaNupHdoUV for <>; Thu, 5 Jul 2018 12:31:50 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id CA0201294D0 for <>; Thu, 5 Jul 2018 12:31:49 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 35D5765E; Thu, 5 Jul 2018 15:30:48 -0400 (EDT)
From: Tom Pusateri <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F20E4ABC-B58A-4C29-A699-A3C951F7886E"
Mime-Version: 1.0 (Mac OS X Mail 11.4 \(3445.8.2\))
Date: Thu, 5 Jul 2018 15:31:45 -0400
In-Reply-To: <>
To: Bob Harold <>
References: <> <> <> <> <>
X-Mailer: Apple Mail (2.3445.8.2)
Archived-At: <>
Subject: Re: [Driu] Fwd: New Version Notification for draft-pusateri-dhc-dns-driu-00.txt
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "DNS Resolver Identification and Use \(DRIU\)." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 05 Jul 2018 19:31:52 -0000

> On Jul 5, 2018, at 2:49 PM, Bob Harold <> wrote:
> On Thu, Jul 5, 2018 at 2:02 PM Tom Pusateri < <>> wrote:
>> On Jul 5, 2018, at 1:39 PM, Bob Harold < <>> wrote:
>> I have concern:
>> 3. DHCPv6 Encapsulating Options
>> "There is no order
>> implied by the order of options sent or received. It is up to the
>> receiving client to determine which order to use the DNS server
>> configurations."
>> Let's not wait for some non-standard way to decide the order. Please add 'priority' (and possibly 'weight') fields to the "OPTION_DNS_TLS" now, like in MX and SRV records.
> Willem has said that from experience with Stubby, that the client should determine the order it uses the discovered DNS servers. The network operator advertising the list doesn’t necessarily have real time data to determine response times, delays, etc. I’m happy to discuss this more. Why should the network operator dictate this?
> I would think that the network operator, who can set the option per subnet, would have a better idea where the subnet is, than a client machine that roams from place to place and usually does not know where it is located.  If the operator lists more than one server, there is likely to be a need to designate primary vs backup in some cases.  If the client knows better, it can certainly have its own list, and ignore or append what the network recommends.  But the network knows better what will be faster or even reachable from a given subnet, in my opinion.  (I run the DHCP servers at my location, so I am probably biased.)

Since the option is probably only refreshed once per day on average, the list is fairly static. Assuming that an on subnet server will respond faster than a server several hops away is a bad assumption. It depends on many factors and these will change constantly depending on the number of clients, the number of TLS connections the server can manage, number of switches and congestion at the network level including APs, etc. Since these conditions change at the sub-second level, having the client figure out which server responds best seems more flexible.

If all the servers in the list should respond, does the network operator care which one is used? Once you get past the access point, is there typically congestion in the wired network you’re trying to avoid?

I’ll put this on my slides to discuss in Montréal.