Re: [homenet] Understanding DNS-SD hybrid proxying [was: Firewall hole punching]
Tim Chown <Tim.Chown@jisc.ac.uk> Thu, 24 November 2016 09:28 UTC
Return-Path: <tim.chown@jisc.ac.uk>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF131129ECF for <homenet@ietfa.amsl.com>; Thu, 24 Nov 2016 01:28:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.11
X-Spam-Level:
X-Spam-Status: No, score=-4.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=jisc365.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AhGpH5EGmZi1 for <homenet@ietfa.amsl.com>; Thu, 24 Nov 2016 01:28:48 -0800 (PST)
Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [146.101.78.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3288129ED1 for <homenet@ietf.org>; Thu, 24 Nov 2016 01:28:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc365.onmicrosoft.com; s=selector1-jisc-ac-uk; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=wrCGmdMzvvG7FblOJ1dHlv9IQWAkbgCYSYVAIKMAJUM=; b=hHDjEXXfax/YcV7sM5qCo3RwupW0rMqvA7modZekAX6/AmeITgMUl5/9Tw6soB+bfzgDR525quwnIlNJSC0QjMOjfLRTdpo+xInooyQtwa03CHhsY7QOQm2TJJT6zxl3euytzK9/Rz7iZzJx96bC/3AvlFkeKdiQuTE6h7Jw9ow=
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-db5eur01lp0182.outbound.protection.outlook.com [213.199.154.182]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-15-SatCUdw1NA6kwrNIrXx03Q-1; Thu, 24 Nov 2016 09:28:37 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com (10.163.188.14) by AM3PR07MB1137.eurprd07.prod.outlook.com (10.163.188.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.747.5; Thu, 24 Nov 2016 09:28:36 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::d9ee:f373:b37e:9c77]) by AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::d9ee:f373:b37e:9c77%15]) with mapi id 15.01.0734.007; Thu, 24 Nov 2016 09:28:36 +0000
From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: Juliusz Chroboczek <jch@irif.fr>
Thread-Topic: [homenet] Understanding DNS-SD hybrid proxying [was: Firewall hole punching]
Thread-Index: AQHSRcI2UVM8ajH1zEeQJk5gd84MwqDn3roA
Date: Thu, 24 Nov 2016 09:28:36 +0000
Message-ID: <8F1D21A3-239F-43A3-B6B1-550F47CAF993@jisc.ac.uk>
References: <871syc54d1.wl-jch@pps.univ-paris-diderot.fr> <CAPt1N1=eXRBh6UqGGqUSK9cH_jY5MvPcE4MFZUPe2Z48LF7bkA@mail.gmail.com> <87lgwj504t.wl-jch@irif.fr> <CAPt1N1kDCMDBEpt7QYhHtPYjaMJAzw8G81=2y2f=y0ZProeCPA@mail.gmail.com> <13675.1479346312@dooku.sandelman.ca> <3B35AF68-4792-4B2A-8277-A7B49206581F@google.com> <74143607-B81E-4D4C-89D3-4754E0DA7DE1@jisc.ac.uk> <790beb67-a62e-b7dc-b64e-a3fcecfbdb12@mtcc.com> <87zikrihl7.wl-jch@irif.fr> <2EEB3CCD-3C25-4844-95B5-DDE31F982EA2@iki.fi> <87oa17i9eq.wl-jch@irif.fr> <2DAA6FEB-8C87-42DA-9465-E740669C563A@iki.fi> <7i37iinfoa.wl-jch@irif.fr>
In-Reply-To: <7i37iinfoa.wl-jch@irif.fr>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3251)
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [2001:a88:d510:1101:35ef:6bb7:c751:796]
x-ms-office365-filtering-correlation-id: 25f88bd6-c501-4942-ac8d-08d4144c4439
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:AM3PR07MB1137;
x-microsoft-exchange-diagnostics: 1; AM3PR07MB1137; 7:Eec8Iwgwm7/Yn/SVdyRO8vjtHt9umOqObXLPMrOEYVlqbfOGKv8kFXPNOatCDlTGcMfvE6RS7vRW20Jy7T3WJmV1PT0XyCbDpNuGD27hF39HcKH8UIM5nuwXBxCwPBdB7PBE36R8mQfi4S5FSFj7zRmY9bgQ0MKhUIrdyMDfJJjUmrkFo2O5Q2urgdpjt0tNF8pndFjQ2fzgj1JfA0Q5CZhFDmtnW0RnCBwEIklwiLOZDkBaCo+J4gfy4vgiZDoNCz5di3+tVvQHjy42L8ES1BFMJElLb4fGkF3LSmDobrQT+jja0gwlyFhA7N0ZEto6kyQshvs+uv6q+Z/UNHTDw/OU5f9MTEgm+TSbpVRw8s9V/YxxwOjfnglP/pCmY6oXnl31WbE04MEMCeCqY7IiHB977NexWOHYggbbyNw0VDFO6ELcTtXPvl2VClTgQNZZ4dW2IxJGmI0qp5Ao5BXLEg==; 20:XdRDT49usE9nyXMoTT6prW34vmo50z1Uqp6MA7B8dXmT1GAVnS561xLIVgJXHJxBphIGnxpoLmygdnIW65nYgDEdhhrbxsRV+9Qv+7SxoJz+BV+TR8f2Txj6xDuHLZQU+eVhpT976HjfjNnpy8mxR+9EOrL9Xo+I4tEAGnzvyGw=
x-microsoft-antispam-prvs: <AM3PR07MB11379413A8AA419B72FF03BAD6B60@AM3PR07MB1137.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6060326)(6045199)(6040361)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6041248)(6061324)(20161123555025)(20161123564025)(20161123560025)(20161123562025); SRVR:AM3PR07MB1137; BCL:0; PCL:0; RULEID:; SRVR:AM3PR07MB1137;
x-forefront-prvs: 0136C1DDA4
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(7916002)(199003)(189002)(51914003)(24454002)(76176999)(50226002)(39410400001)(68736007)(101416001)(57306001)(42882006)(8936002)(2950100002)(6116002)(81156014)(81166006)(7846002)(5660300001)(2900100001)(33656002)(106116001)(102836003)(38730400001)(110136003)(105586002)(92566002)(606004)(86362001)(106356001)(6916009)(36756003)(3660700001)(74482002)(93886004)(6506003)(4326007)(50986999)(97736004)(3280700002)(7906003)(7736002)(6512003)(2906002)(5250100002)(229853002)(83716003)(82746002)(39400400001)(39380400001)(189998001)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM3PR07MB1137; H:AM3PR07MB1140.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
MIME-Version: 1.0
X-OriginatorOrg: jisc.ac.uk
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Nov 2016 09:28:36.0162 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM3PR07MB1137
X-MC-Unique: SatCUdw1NA6kwrNIrXx03Q-1
Content-Type: multipart/alternative; boundary="_000_8F1D21A3239F43A3B6B1550F47CAF993jiscacuk_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/uf6edGxQyPIY4XHS4k0cSJ0xYrw>
Cc: "homenet@ietf.org" <homenet@ietf.org>, Markus Stenberg <markus.stenberg@iki.fi>
Subject: Re: [homenet] Understanding DNS-SD hybrid proxying [was: Firewall hole punching]
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Nov 2016 09:28:51 -0000
On 23 Nov 2016, at 19:45, Juliusz Chroboczek <jch@irif.fr<mailto:jch@irif.fr>> wrote: - ohybridproxy (only really scalable and sensible IPv6 rdns source that I am aware of, given nodes talk mdns) Noted, thanks for the opinion. I still don't understand how it works (who gets port 53? how are data from multiple links merged?), but I intend to do my homework. I give dnsmasq port 53, and then have it forward queries for .home (chuckle) and my IPv4/IPv6 reverses in .arpa-land to 127.0.0.1:54 where ohp listens on my routers. Ok, makes sense (except for the choice of 54). Two more questions: - who merges data from multiple links? (I'd wish that the hybrid proxies compute a minimal spanning tree and perform peer-to-peer magic, but I suspect you're generating a config file dynamically and restarting dnsmasq whenever the set of hybrid proxies changes.) In dnssd we have the “stitching” topic on our plate, around operation of dns-sd in unmanaged multi-link networks. So this is timely discussion. We’re beginning work on a BCP for the use of the discovery/advertising proxy in enterprise/campus networks, where there is administrative configuration, and scalability is a concern. The stitching topic would likely form part of a corresponding BCP for unmanaged operation, as per a multi-link homenet. - who speaks mDNS? The Hybrid proxies? Or do they communicate with a dedicated mDNS speaker? The proxies ask about (discover) services on the link(s) they serve on behalf of the (remote) querier. For general info on how dns-sd works, see https://tools.ietf.org/html/draft-ietf-dnssd-hybrid-05, Section 5 in particular. For info the “hybrid proxy” has been renamed the “discovery proxy”, which will be reflected in the -06 draft, and Stuart will be publishing a separate “advertising proxy”, which will allow (remote) proxy advertisements of services in addition to proxy discovery of them. For more info on that, see https://www.ietf.org/proceedings/97/slides/slides-97-dnssd-hybrid-proxy-00.pdf The other thing to be aware of is that there is “long lived query” support for the proxies being defined via the DNS Push Notifications and DNS Session Signalling drafts (https://tools.ietf.org/html/draft-ietf-dnssd-push-09 and https://tools.ietf.org/html/draft-ietf-dnsop-session-signal-01). These allow clients to get timely notifications of changes. Tim
- [homenet] About Ted's naming architecture present… Juliusz Chroboczek
- Re: [homenet] About Ted's naming architecture pre… Ted Lemon
- Re: [homenet] About Ted's naming architecture pre… Ted Lemon
- Re: [homenet] About Ted's naming architecture pre… Juliusz Chroboczek
- Re: [homenet] About Ted's naming architecture pre… Michael Richardson
- Re: [homenet] About Ted's naming architecture pre… Ted Lemon
- Re: [homenet] About Ted's naming architecture pre… Michael Richardson
- Re: [homenet] About Ted's naming architecture pre… Ted Lemon
- Re: [homenet] About Ted's naming architecture pre… Juliusz Chroboczek
- Re: [homenet] About Ted's naming architecture pre… james woodyatt
- Re: [homenet] About Ted's naming architecture pre… Michael Thomas
- Re: [homenet] About Ted's naming architecture pre… james woodyatt
- Re: [homenet] About Ted's naming architecture pre… Ted Lemon
- Re: [homenet] About Ted's naming architecture pre… james woodyatt
- Re: [homenet] About Ted's naming architecture pre… Tim Chown
- Re: [homenet] About Ted's naming architecture pre… Juliusz Chroboczek
- Re: [homenet] About Ted's naming architecture pre… Michael Thomas
- Re: [homenet] About Ted's naming architecture pre… Juliusz Chroboczek
- Re: [homenet] About Ted's naming architecture pre… Markus Stenberg
- [homenet] Firewall hole punching [was: About Ted'… Juliusz Chroboczek
- Re: [homenet] Firewall hole punching [was: About … Markus Stenberg
- Re: [homenet] Firewall hole punching [was: About … james woodyatt
- Re: [homenet] Firewall hole punching [was: About … james woodyatt
- Re: [homenet] Firewall hole punching [was: About … Lorenzo Colitti
- Re: [homenet] Firewall hole punching [was: About … Markus Stenberg
- Re: [homenet] Firewall hole punching [was: About … Ca By
- Re: [homenet] Firewall hole punching [was: About … Michael Thomas
- Re: [homenet] Firewall hole punching [was: About … Tim Chown
- Re: [homenet] Firewall hole punching [was: About … Juliusz Chroboczek
- Re: [homenet] Firewall hole punching [was: About … Ray Bellis
- Re: [homenet] Firewall hole punching [was: About … Tim Coote
- Re: [homenet] Firewall hole punching [was: About … Gert Doering
- [homenet] Back to Ted's draft [was: Firewall hole… Juliusz Chroboczek
- [homenet] Understanding DNS-SD hybrid proxying [w… Juliusz Chroboczek
- Re: [homenet] Understanding DNS-SD hybrid proxyin… Markus Stenberg
- Re: [homenet] Understanding DNS-SD hybrid proxyin… Tim Chown
- Re: [homenet] Understanding DNS-SD hybrid proxyin… Juliusz Chroboczek
- Re: [homenet] Understanding DNS-SD hybrid proxyin… Juliusz Chroboczek
- Re: [homenet] Understanding DNS-SD hybrid proxyin… Markus Stenberg
- Re: [homenet] Understanding DNS-SD hybrid proxyin… Markus Stenberg
- Re: [homenet] Understanding DNS-SD hybrid proxyin… Juliusz Chroboczek
- Re: [homenet] Firewall hole punching [was: About … james woodyatt
- Re: [homenet] Firewall hole punching [was: About … Lorenzo Colitti
- Re: [homenet] About Ted's naming architecture pre… Ray Hunter (v6ops)
- Re: [homenet] About Ted's naming architecture pre… james woodyatt