Re: [hackathon] IETF 118 Hackathon: Are long-lived TCP sessions a problem for (DNS) statistics?

John Scudder <jgs@juniper.net> Wed, 01 November 2023 15:28 UTC

From: John Scudder <jgs@juniper.net>
To: "jerry@dns-oarc.net" <jerry@dns-oarc.net>
CC: "rs.ietf@gmx.at" <rs.ietf@gmx.at>, "hackathon@ietf.org" <hackathon@ietf.org>, Warren Kumari <warren@kumari.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/hackathon/7xMjS9QqhhJwU7qW3EOf455HB1w>

And for that matter, BGP runs over TCP and it’s not unusual to see BGP sessions that are up for months. I wouldn’t be surprised if there were ones that stayed up for more than a year. I didn’t reply earlier because the question seemed to be specific to DNS/TCP, but since someone else jumped first… :-)

I regret to say I don’t have hard data to offer, just anecdote. 

—John

> On Oct 6, 2023, at 11:56 AM, Warren Kumari <warren@kumari.net> wrote:
> 
> 
> On Fri, Oct 06, 2023 at 4:30 AM, <rs.ietf@gmx.at> wrote:
> I don't have data ready to share, but I want to point out that in the storage space (NFS; SMB; iSCSI; NVMe/TCP; iWARP) - which is not necessarily on the public internet though, it is the norm rather than the exception to have TCP sessions being active for days and weeks at a time - typically only reestablished after some more or less severe disruption (hosts rebooting, ports failing, excessive packet discards...).
> 
> 
> 
> I think that this is also true for a bunch of VPN / tunneling technologies. 
> 
> For example, I've had a number of enterprise site-to-site "SSL Tunnels" which have been up for many many months, as well as a bunch of SSH tunnels (and just sessions) for similar times. In fact, I recently stumbled across an SSH connection to a terminal server which had been up for a few years — someone had SSHed from a console server to a termserver, and then disconnected, leaving the session up indefinitely. 
> 
> W
> 
> 
> 
> I can not comment on DNS/TCP sessions though. 
> 
> Best regards, 
> Richard
> 
> Am 06.10.2023 um 09:27 schrieb Jerry Lundström: 
> 
> Hi all, 
> 
> Some tools use packet capturing to do statistics for DNS and some of them need to see the beginning of the TCP sessions. If resolver systems out there start keeping TCP sessions against authorities open for a very long time (days or weeks) then it might become a problem for these tools. 
> 
> We would like to look at two things; 
> 1) First to poke at data to see if there are very long-lived TCP sessions out there today, or not(!) which is equally interesting to know. 
> 2) Second to survey DNS statistics tools out there to see how they handle long-lived TCP sessions to understand how wide a problem this might be, if any. And maybe fix some of them if issues are spotted when doing this.
> 
> Sounds interesting? Do you have data to poke at? Hope to see you at the hackathon then! :) 
> 
> Cheers, 
> Jerry Lundström & Roy Arends
> 
> _______________________________________________ 
> hackathon mailing list 
> hackathon@ietf.org 
> https://www.ietf.org/mailman/listinfo/hackathon 
> Unsubscribe: mailto:hackathon-request@ietf.org?subject=unsubscribe
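
Why a capture that joins a DNS-over-TCP connection late is hard to parse, as an added example that is not part of the original thread: each message on the stream is preceded by a two-byte length (RFC 1035, section 4.2.2), so a parser that missed the start of the session has no reliable message boundary. The queries, the 9-byte offset and the `resync` heuristic are constructed for illustration and do not describe how any particular statistics tool works.

```python
import struct

def build_query(qid, name):
    """Constructed sample: minimal DNS query (header plus one A/IN question)."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def frame(msg):  # DNS over TCP: 2-byte length prefix (RFC 1035, 4.2.2)
    return struct.pack("!H", len(msg)) + msg

def parse_question(msg):
    """Return (id, qname) if msg is a plausible one-question query, else None."""
    if len(msg) < 17:
        return None
    qid, flags, qd, an, ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if flags & 0x8000 or qd != 1 or an or ns:
        return None
    labels, pos = [], 12
    while pos < len(msg) and 0 < msg[pos] <= 63:
        labels.append(msg[pos + 1:pos + 1 + msg[pos]].decode("ascii", "replace"))
        pos += 1 + msg[pos]
    if pos + 5 != len(msg) or msg[pos] != 0:  # root label, QTYPE, QCLASS end it
        return None
    return qid, ".".join(labels)

def parse_stream(data):
    """Follow length prefixes from offset 0; return (queries, rejected_frames)."""
    queries, rejected, pos = [], 0, 0
    while pos + 2 <= len(data):
        (n,) = struct.unpack("!H", data[pos:pos + 2])
        q = parse_question(data[pos + 2:pos + 2 + n])
        if q:
            queries.append(q)
        else:
            rejected += 1
        pos += 2 + n
    return queries, rejected

def resync(data):
    """Naive heuristic: first offset from which every frame parses cleanly."""
    for off in range(len(data)):
        queries, rejected = parse_stream(data[off:])
        if queries and rejected == 0:
            return off, queries
    return None, []

NAMES = ["example.com", "example.net", "example.org"]  # constructed sample input
STREAM = b"".join(frame(build_query(0x1001 + i, n)) for i, n in enumerate(NAMES))
LATE = STREAM[9:]  # same connection, but the capture began 9 bytes in
```

Parsed from its first byte the stream yields all three queries; parsed from `LATE` it yields none, and the resynchronised parse recovers only the two queries that began after the capture did.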