Re: [dnsext] Signaling ENDS option understanding in draft-bellis-dnsext-multi-qtypes-01
Alfred Hönes <ah@TR-Sys.de> Thu, 29 March 2012 20:11 UTC
Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A6C921E80B9; Thu, 29 Mar 2012 13:11:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1333051907; bh=tr5bBpDFnu0mUPIkjjMzMPyQMFofaN+eClWAQWq0MH0=; h=From:Message-Id:To:Date:Mime-Version:Subject:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: Content-Type:Content-Transfer-Encoding:Sender; b=QPnvN1xRSzIH5WEO92xhNqtVzMpzOgKg7BOVGratuJPfNKCke0FS15KNmtetpdd+h ubcM4jSD6rqn1k+jVOBe80kpj3KiCn6c+vZHYP8cmF5LSTyZ+iVmfUcakGBNapyrBN XQjepN6YHyG9P7mZJ1NKT9KPzDflBATZqxqf+6c0=
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06B2821E80B7 for <dnsext@ietfa.amsl.com>; Thu, 29 Mar 2012 13:11:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -98.631
X-Spam-Level:
X-Spam-Status: No, score=-98.631 tagged_above=-999 required=5 tests=[AWL=0.118, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id znqO6uiPQFdK for <dnsext@ietfa.amsl.com>; Thu, 29 Mar 2012 13:11:45 -0700 (PDT)
Received: from TR-Sys.de (gateway.tr-sys.de [213.178.172.147]) by ietfa.amsl.com (Postfix) with ESMTP id 4528721E80B1 for <dnsext@ietf.org>; Thu, 29 Mar 2012 13:11:44 -0700 (PDT)
Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3.2) id AA286311832; Thu, 29 Mar 2012 22:10:32 +0200
Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id WAA20455; Thu, 29 Mar 2012 22:10:30 +0200 (MESZ)
From: Alfred Hönes <ah@TR-Sys.de>
Message-Id: <201203292010.WAA20455@TR-Sys.de>
To: dnsext@ietf.org
Date: Thu, 29 Mar 2012 22:10:30 +0200
X-Mailer: ELM [$Revision: 1.17.214.3 $]
Mime-Version: 1.0
Subject: Re: [dnsext] Signaling ENDS option understanding in draft-bellis-dnsext-multi-qtypes-01
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org
On 27 Mar 2012 12:29:06 +0100, Dick Franks noted that the QTD bit proposed in Section 3.1 of draft-bellis-dnsext-multi-qtypes-01 seems redundant. That indeed is the case, and, after discussion on a side-track of the seminal suggestions for this proposal I had made (*) before the Hiroshima IETF, this WG has formed consensus that no additional signaling of "understanding of EDNS options" is desired. To this end, IIRC the WG has decided that RFC 2671 contains enough specification, and the rfc2671bis draft again clarifies that DNS servers recieving an OPT RR in a query MUST ignore unknown options. The WG consensus in 2009 was that "ignore" also means to not copy the option into the OPT RR in the response (if any), and implementers had confirmed those days that this was the behavior of state-of-the-art EDNS implementations. Thus, according to my understanding, a conformant recipient of an OPT RR in a DNS query behaves as follows: a) no support for EDNS present (either not built-in or disabled by config): ignore entire OPT RR, do not include OPT RR into response; possible legacy alternative: return FormErr; b) support for EDNS present, but no support present for a particular option received: ignore it, do not include it in response; c) support for particular EDNS option present: behave according to the specification of that option (which may be: echo the received option unchanged, or otherwise). Since the QTCOUNT is redundant as well, the first octect of the proposed option format is indeed redundant. Note however, that rfc2671bis allows additional handshaking. So it's a matter of simplicity vs. redundancy and actual gain. (*) Please see my initial "RRGQ" proposal and its variations, as suggested in messages to the former namedroppers list and archived at http://www.ietf.org/mail-archive/web/dnsext/current/msg05291.html and http://www.ietf.org/mail-archive/web/dnsext/current/msg05305.html, and the entire thread started by the former message. The variant in the design choice mentioned in the 3rd-to-last para of the latter message -- combining a query for a Data RRtype with an EDNS option (there dubbed 'RGMASK') -- is now followed by this I-D. Unfortunately, I've never found the time to write this up properly as an I-D (as promised), and I thank Ray for eventually having done this now (with a bare RRtype list instead of an NSEC-like bitmask in the OPTION-DATA). Best regards, Alfred. _______________________________________________ dnsext mailing list dnsext@ietf.org https://www.ietf.org/mailman/listinfo/dnsext
- Re: [dnsext] Signaling ENDS option understanding … Alfred Hönes
- Re: [dnsext] Signaling ENDS option understanding … Florian Weimer
- Re: [dnsext] Signaling ENDS option understanding … Mark Andrews
- Re: [dnsext] Signaling ENDS option understanding … Ray Bellis
- Re: [dnsext] Signaling ENDS option understanding … Dick Franks