Re: [mif] [dnsext] [DNSOP] 2nd Last Call for MIF DNS server selection document

Keith Moore <moore@network-heretics.com> Mon, 24 October 2011 20:58 UTC

Return-Path: <moore@network-heretics.com>
X-Original-To: mif@ietfa.amsl.com
Delivered-To: mif@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42CCA21F8C5A; Mon, 24 Oct 2011 13:58:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.949
X-Spam-Level:
X-Spam-Status: No, score=-2.949 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, J_CHICKENPOX_51=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VqDN4cuWe+SI; Mon, 24 Oct 2011 13:58:52 -0700 (PDT)
Received: from out5.smtp.messagingengine.com (out5.smtp.messagingengine.com [66.111.4.29]) by ietfa.amsl.com (Postfix) with ESMTP id 8FCA621F8C56; Mon, 24 Oct 2011 13:58:52 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.mail.srv.osa [10.202.2.41]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id D566620A34; Mon, 24 Oct 2011 16:58:51 -0400 (EDT)
Received: from frontend2.nyi.mail.srv.osa ([10.202.2.161]) by compute1.internal (MEProxy); Mon, 24 Oct 2011 16:58:51 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=subject:mime-version:content-type:from :in-reply-to:date:cc:content-transfer-encoding:message-id :references:to; s=smtpout; bh=IRB4Gz658TNDQWj+N4Ot8jigmhI=; b=O3 OhK1kLvs6eW77HbfkGrexZcqeVv1c+hdsra2Waknt583kAtrgNbKlP1WSg30kM7Y 9EyDlBVvchsdFNtia9ZME+iwywIpabCYY4FvPdPOmczxCch90lSzDDaM4zRnTAlf VAJVRCD1EiaKcwNq8EfEdtuIb65bi9+xAVUsCKP2Y=
X-Sasl-enc: IIWzyM/J8Wgor2KFWDbIhub1hhy7v2uriFKA/LuGAMDO 1319489931
Received: from [192.168.1.16] (host65-16-145-177.birch.net [65.16.145.177]) by mail.messagingengine.com (Postfix) with ESMTPA id 32E9A483436; Mon, 24 Oct 2011 16:58:50 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset=utf-8
From: Keith Moore <moore@network-heretics.com>
In-Reply-To: <4EA5D012.9090708@dougbarton.us>
Date: Mon, 24 Oct 2011 16:58:49 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <45E6700D-4207-4807-B8A4-2CFC56440038@network-heretics.com>
References: <F2045A70-6314-41CF-AC3C-01F1F1ECF84C@network-heretics.com> <96472FB7-8425-4928-8F55-2ABF2CB59A93@conundrum.com> <628C128E-BDA8-46C3-BF07-364A482FE199@network-heretics.com> <20111024.080822.74700976.sthaug@nethelp.no> <59274CC1-611A-445B-A1CF-A0F49329DC1F@network-heretics.com> <E68B291B136EE9E8CFBF68F0@Ximines.local> <EEE0996F-FE4D-4ECF-A685-DD69DFCC87B9@network-heretics.com> <AFC2B32D1BE5A9E449B8D8A1@Ximines.local> <FAB38B5D-9B44-4B25-9268-9DE4A5DDC9FE@network-heretics.com> <4EA5D012.9090708@dougbarton.us>
To: Doug Barton <dougb@dougbarton.us>
X-Mailer: Apple Mail (2.1084)
Cc: mif@ietf.org, dnsop@ietf.org, dnsext@ietf.org, pk@isoc.de, Alex Bligh <alex@alex.org.uk>, dhcwg@ietf.org
Subject: Re: [mif] [dnsext] [DNSOP] 2nd Last Call for MIF DNS server selection document
X-BeenThere: mif@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiple Interface Discussion List <mif.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif>, <mailto:mif-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif>
List-Post: <mailto:mif@ietf.org>
List-Help: <mailto:mif-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif>, <mailto:mif-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Oct 2011 20:58:53 -0000

On Oct 24, 2011, at 4:52 PM, Doug Barton wrote:

> On 10/24/2011 05:16, Keith Moore wrote:
>> That's the point - search lists are not appropriate most of the time, and it's very hard for software to distinguish the cases where they are potentially appropriate from the cases when they're not, and it's not possible for software to do this in all cases.
> 
> There's been something missing from this discussion, and I finally put
> my finger on it. TMK most stub resolvers have an option similar to this
> one from ISC's:
> 
> ndots:n
>        sets a threshold for the number of dots which
>        must appear in a name given to res_query() (see
>        resolver(3)) before an initial absolute query
>        will be made.  The default for n is “1”, mean‐
>        ing that if there are any dots in a name, the
>        name will be tried first as an absolute name
>        before any search list elements are appended to
>        it.
> 
> So it seems that this question is already a matter of local policy,
> which given the number and quality of the divergent views seems
> eminently reasonable. Can we move on now?

No, because relying on "local policy" is not sufficient for interoperability.

I think there's a need for IETF to document why any other value than 1 is a Bad Idea, and more to the point, why it will break things.    The problem isn't entirely specific to hosts with multiple interfaces.  But given that using multiple interfaces makes the problem worse, MIF might want to take on some of the work of documenting why it will break things.

Keith