IETF Logo Mail Archive

Re: [Http-srv] Alternative to SRV?

Shumon Huque <shuque@gmail.com> Fri, 24 August 2018 11:06 UTC

Return-Path: <shuque@gmail.com>
X-Original-To: http-srv@ietfa.amsl.com
Delivered-To: http-srv@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF07A130E4C for <http-srv@ietfa.amsl.com>; Fri, 24 Aug 2018 04:06:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EnCMtwXHuzZc for <http-srv@ietfa.amsl.com>; Fri, 24 Aug 2018 04:06:46 -0700 (PDT)
Received: from mail-yw1-xc2e.google.com (mail-yw1-xc2e.google.com [IPv6:2607:f8b0:4864:20::c2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D75FD130E1C for <http-srv@ietf.org>; Fri, 24 Aug 2018 04:06:45 -0700 (PDT)
Received: by mail-yw1-xc2e.google.com with SMTP id q129-v6so2933352ywg.8 for <http-srv@ietf.org>; Fri, 24 Aug 2018 04:06:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RHe3Up05wa/YOu9v7n+6idNjpmGhuSRqjHFG3NChypw=; b=E7g+IUmM6BE4SljeABTZLqpBZQBMFqYauMlZqMHHKS8geacjZU81OvPIg8W3yxVVgM 1sscPCJoHW9jYNe5pmWINevnGwsrwca3s5FSTLLophKA8hMQFyt0asxl8lpmM1dIKdMo wKigmJ4ZITy5u3LpNXEvfvVSP5qbzblpFpn9epv6AtZ6UV5ukCpIXXddDO5llQnIWzpb 41KQsIOBPbmA4KxnS9AhLMbVIcN7sqRd3J1uRuVtVykdKggv+p/Nd9sMu9c+wnM+IGrv XT5G+K+/qjSuyZTuPmld4arHykwWVmCaaS0zv/MuefPoVYHUjRND5C9KXXdh5ewOTyKC oVTA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RHe3Up05wa/YOu9v7n+6idNjpmGhuSRqjHFG3NChypw=; b=qeyDJE4I3xjKTLt3bTdyI8bGeizdaS0N3MKKpn1TRnCshqD2GU3uoRw7ANfUGPv080 UJ2McJs4Qq3JsQYnog9MdFaqoRZ2sYrRPfIp7N+46XhSDyhnUCGu03VAQFCQMK/phgKC 2AOXUi+mzxVTC0IEF4qY768t+G0Yo58Ye1fNM1j4K0571y3w+UfvYWbLTeWvghRgRwTv +KcEwsZVWdex1HJ5HIpv0xvqx9AOyDHpKFlf8esZtFfMRXnNjD2E6QT0CFBBidfop8/0 jsEADCDQSty2O3tuEUUAQ5xCYZgVFJOyjlzMHuoZ5oX98hqhAYRkjuf8QP7RAkLgJBXb KhJQ==
X-Gm-Message-State: APzg51Cz6Ey5d1ynLGIdctUFVLEL6Uw17xApdY6hHsOZG0ovZfXWRk2l a1dQ/MGIMIZDd8QE5kxvE7SgpSHSaEX3bwnpttjUiA==
X-Google-Smtp-Source: ANB0VdZag0P35LXr+dtoyAOvhA9rknhRnLbh+kG3lLGtpPMA+BDlRFBnlUBbQw+Ob101iGQAySBWn9VlKPGfHdbIt3k=
X-Received: by 2002:a0d:e251:: with SMTP id l78-v6mr654395ywe.218.1535108804945; Fri, 24 Aug 2018 04:06:44 -0700 (PDT)
MIME-Version: 1.0
References: <6aceab29-cf81-8644-20cd-e02281e6394c@bellis.me.uk> <DDFF92A9-9F1D-4883-AF5C-1372EBDAB156@isc.org> <CAKC-DJj3uGYwgd5v+VUEWCDS08NMcFne+1iZ2EC3FVr2qKmcwg@mail.gmail.com> <CAHPuVdWFbB_u7ppkGsF6A-8qXDqdmAyP0v5E_OAO2vzUsD9Ayg@mail.gmail.com> <9093d0e6-3546-c742-91a1-2cac4e26984e@bellis.me.uk>
In-Reply-To: <9093d0e6-3546-c742-91a1-2cac4e26984e@bellis.me.uk>
From: Shumon Huque <shuque@gmail.com>
Date: Fri, 24 Aug 2018 07:06:33 -0400
Message-ID: <CAHPuVdVuMV0CBaZCik_utFFV_jek4XagDaw-BmUV0Lof5bJvNQ@mail.gmail.com>
To: Ray Bellis <ray@bellis.me.uk>
Cc: http-srv@ietf.org
Content-Type: multipart/alternative; boundary="00000000000002aea505742c5f44"
Archived-At: <https://mailarchive.ietf.org/arch/msg/http-srv/7NjQzFY_cIDWYEhe3jrfjX1IpMk>
Subject: Re: [Http-srv] Alternative to SRV?
X-BeenThere: http-srv@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Using DNS SRV Records with HTTP <http-srv.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-srv>, <mailto:http-srv-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-srv/>
List-Post: <mailto:http-srv@ietf.org>
List-Help: <mailto:http-srv-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-srv>, <mailto:http-srv-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Aug 2018 11:06:48 -0000

On Fri, Aug 24, 2018 at 6:36 AM Ray Bellis <ray@bellis.me.uk> wrote:

>
> On 24/08/2018 05:06, Shumon Huque wrote:
>
> > Before designing yet another record to solve this problem, I think we
> > need to first determine if that path would have support from HTTP folks.
> > Or, if there is already momentum behind the dns-alt-svc draft, and if it
> > is more likely to gain traction, then perhaps working on refining it is
> > the best option. Otherwise we risk defining an SRV version 2 record
> > which will again be ignored.
>
> It's completely unclear to me whether ALTSVC would be deployable as the
> primary means of directing web clients to the primary target for the
> initial HTTP connections.


> It is, after all, a DNS encoding of the HTTP *Alternate* Service feature.
>

I had the same question. But from talking to some HTTP folks at the last
IETF, I believe that they do see it as potentially being the primary means
of redirection, at least down the road when there is widespread support for
it. The need to maintain a HTTP responder at the origin's address records
is to minimize service latency - the initial traffic can come from the
origin address, until the client obtains and connects to the address
records associated with the ALTSVC hosts. Unfortunately this means
maintaining (or standardizing) alias redirection hacks for quite some time.
I think we can improve the latency picture further by requiring DNS
responders to pre-populate the address records in the ALTSVC response.


> > [deleted]
> >
> > I've also proposed that client behavior when processing ALTSVC responses
> > should be to shuffle or randomize the ALTSVC RRs (of equal priority),
> > and also shuffle address records for each server if there are multiple
> > of them (if they are returned by the server in additional data). This
> > would ensure better load balancing behavior regardless of whether the
> > DNS server shuffles or randomizes the records.
>
> We specifically heard at the side meeting that the browser folks don't
> want load balancing information stored in the DNS.  What we haven't
> heard (that I know of) is what the web *content* folks think of that.
>

I'm quite sure web content folks do want load balancing via DNS. Witness
the immediate uproar when a recent version of BIND accidentally undid their
RRset response randomization behavior.


> FWIW, I'd also like to do away with underscore labels for these records,
> since (again from the web / DNS hosting point of view) they interact
> badly with DNS wildcard records.
>

Yes, I think this issue is definitely worth addressing. One question is:
does HTTP need port or other parameter specific redirection, which
presumably is why the DNS ALTSVC record has the underscore labels. And if
so, what is the best way to achieve that? Pushing those parameters into the
RDATA is one way, but that will lead into predictable arguments about
record subtyping and inability to surgically extract just the required
response.

-- 
Shumon Huque

v2.23.0 | Report a Bug | By Email