Re: A mechanism to encode HTTP version information in DNS

"Adrien W. de Croy" <> Sat, 16 February 2013 06:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DF99521F86A2 for <>; Fri, 15 Feb 2013 22:36:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.265
X-Spam-Status: No, score=-10.265 tagged_above=-999 required=5 tests=[AWL=0.334, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4FBstYGz5nQQ for <>; Fri, 15 Feb 2013 22:36:59 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id F232F21F869C for <>; Fri, 15 Feb 2013 22:36:58 -0800 (PST)
Received: from lists by with local (Exim 4.72) (envelope-from <>) id 1U6bMP-0005Yh-1m for; Sat, 16 Feb 2013 06:34:57 +0000
Resent-Date: Sat, 16 Feb 2013 06:34:57 +0000
Resent-Message-Id: <>
Received: from ([]) by with esmtp (Exim 4.72) (envelope-from <>) id 1U6bMC-0005XX-D3 for; Sat, 16 Feb 2013 06:34:44 +0000
Received: from ([]) by with esmtp (Exim 4.72) (envelope-from <>) id 1U6bMA-0002OZ-P6 for; Sat, 16 Feb 2013 06:34:44 +0000
Received: From [] (unverified []) by SMTP Server [] (WinGate SMTP Receiver v7.5.0 (Build 3491)) with SMTP id <>; Sat, 16 Feb 2013 19:36:19 +1300
From: "Adrien W. de Croy" <>
To: "Amos Jeffries" <>
Cc: "" <>
Date: Sat, 16 Feb 2013 06:34:17 +0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; format=flowed; charset=utf-8
In-Reply-To: <>
Message-Id: <emf8b808aa-ca12-421d-a7e8-f60def882fd5@bombed>
Mime-Version: 1.0
Reply-To: "Adrien W. de Croy" <>
User-Agent: eM_Client/5.0.17263.0
Received-SPF: pass client-ip=;;
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-3.449, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: 1U6bMA-0002OZ-P6 726d18180b7c33208460e9f942ab6c3c
Subject: Re: A mechanism to encode HTTP version information in DNS
Archived-At: <>
X-Mailing-List: <> archive/latest/16617
Precedence: list
List-Id: <>
List-Help: <>
List-Post: <>
List-Unsubscribe: <>

------ Original Message ------
From: "Amos Jeffries" <>
To: "Adrien W. de Croy" <>
Cc: "" <>
Sent: 16/02/2013 3:19:46 p.m.
Subject: Re: A mechanism to encode HTTP version information in DNS
>On 15/02/2013 9:05 p.m., Adrien W. de Croy wrote:
>>Are you talking about DNS labels?
>I was yes. Does this include the URL string label?

if you mean the URI RR data field (as per draft-faltstrom-uri), it can 
be quite long, being defined as a sequence of one or more 
<character-string> which are (byte) length-prefixed strings, but which 
can be concatenated.

It would more likely run into limitations on max datagram size.  I think 
implementations are supposed to handle at least 576 bytes, but to go 
bigger is a DNS extension, and I don't know how well supported it is. 
Otherwise you fail over to DNS over TCP, which I think would be 
problematic in our case due to added RTs / latency.

in DNS, a label refers to a part of a name (e.g. FQDN is a sequence of 
labels separated by dots), so "URL string label" is a bit confusing.

If you're referring to the authority part of a URI, being a domain name, 
it is subject to the limitations of DNS.

>>DNS label max length is 63 (6 bits) only, due to overloading of offset 
>>pointer with label length.
>>overall domain name max length is 255, although this is I guess 
>>relatively arbitrary, it's possible to code a longer name on a DNS 
>>packet, but not a longer label.
>So the big question: is the URL string field a label? or do we catenate 
>it from multiple labels?
>>------ Original Message ------
>>From: "Amos Jeffries" <>
>>To: "" <>
>>Sent: 15/02/2013 6:46:52 p.m.
>>Subject: Re: A mechanism to encode HTTP version information in DNS
>>>On 15/02/2013 9:16 a.m., Phillip Hallam-Baker wrote:
>>>>Encoding HTTP version information in DNS is easy if you don't 
>>>>particularly care about using DNS properly or want to do anything 
>>>>more than encode HTTP version information.
>>>>Doing it well gets rather more complex. A DNS query costs a round 
>>>>trip so you would ideally like to make it pay. Also the process of 
>>>>deploying DNS records takes some time and it is better to reuse an 
>>>>existing record but only if that will not create ambiguity.
>>>>Looking again at the URI record, I think that we could use it to 
>>>>provide a HTTP version flag and other useful features in the DNS. In 
>>>>particular we can use the URI record to effect a HTTP redirect in 
>>>>DNS (a UDP round trip) rather than require a TCP round trip. It also 
>>>>provides for fault tolerance and load balancing and works well with 
>>>>Web Services.
>>>One small note on this assertion:
>>>   FQDN are capable of being anything up to 256 octets long 
>>>*per-label*. When the FQDN is greater than 250 octets or so this will 
>>>add both a UDP round trip plus a TCP round trip, on top of the final 
>>>connection setup round trip. This may not seem a critical point, but 
>>>we are already encountering web sites and services with >64 octet 
>>>FQDN in public traffic which is causing TLS certificate issues.
>>>That asside, I am liking this proposal better than any of the earlier 
>>>DNS proposals. I can forsee support from Squid being implemented if 
>>>this is selected to go ahead.