Re: [dnsext] Signaling ENDS option understanding in draft-bellis-dnsext-multi-qtypes-01
Florian Weimer <fw@deneb.enyo.de> Thu, 29 March 2012 20:26 UTC
Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84C4F21E80CA; Thu, 29 Mar 2012 13:26:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1333052786; bh=/ByfATQZFjSrhocTVnWRlGdUT3yF03tOWuUIbBUtPp4=; h=From:To:References:Date:In-Reply-To:Message-ID:MIME-Version:Cc: Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:List-Help: List-Subscribe:Content-Type:Content-Transfer-Encoding:Sender; b=knvc1E/U7sig5iuUWLBJDl0T4lYDaeNnWH6n5F1haJn6XzLd6uUM1bKe20QlNYqHt om20rjUuUV9SinNgbRhEBhaNMg2uUcW0mI1vxdgRVjxkq2rwLJlNInENfw0GQMCZps 5erAqnYMcrG5tyQuNBeWYoRd5yyu+lzOtRswA3Ws=
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17C8321E80CA for <dnsext@ietfa.amsl.com>; Thu, 29 Mar 2012 13:26:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.914
X-Spam-Level:
X-Spam-Status: No, score=-1.914 tagged_above=-999 required=5 tests=[AWL=0.035, BAYES_00=-2.599, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wf3rxmUy1n-G for <dnsext@ietfa.amsl.com>; Thu, 29 Mar 2012 13:26:24 -0700 (PDT)
Received: from ka.mail.enyo.de (ka.mail.enyo.de [87.106.162.201]) by ietfa.amsl.com (Postfix) with ESMTP id 67E6C21E801F for <dnsext@ietf.org>; Thu, 29 Mar 2012 13:26:24 -0700 (PDT)
Received: from [172.17.135.4] (helo=deneb.enyo.de) by ka.mail.enyo.de with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) id 1SDLvK-0000Nd-0Z; Thu, 29 Mar 2012 22:26:22 +0200
Received: from fw by deneb.enyo.de with local (Exim 4.72) (envelope-from <fw@deneb.enyo.de>) id 1SDLvJ-0005WK-Pd; Thu, 29 Mar 2012 22:26:21 +0200
From: Florian Weimer <fw@deneb.enyo.de>
To: Alfred Hönes <ah@TR-Sys.de>
References: <201203292010.WAA20455@TR-Sys.de>
Date: Thu, 29 Mar 2012 22:26:21 +0200
In-Reply-To: <201203292010.WAA20455@TR-Sys.de> ("Alfred Hönes"'s message of "Thu, 29 Mar 2012 22:10:30 +0200 (MESZ)")
Message-ID: <87bonfkvbm.fsf@mid.deneb.enyo.de>
MIME-Version: 1.0
Cc: dnsext@ietf.org
Subject: Re: [dnsext] Signaling ENDS option understanding in draft-bellis-dnsext-multi-qtypes-01
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org
* Alfred Hönes: > To this end, IIRC the WG has decided that RFC 2671 contains enough > specification, and the rfc2671bis draft again clarifies that DNS > servers recieving an OPT RR in a query MUST ignore unknown options. I think this is rewriting history. BIND used to respond with RCODE=1 to queries carrying the new NSID option, for example. And I'm sorry to say that this obnoxious behavior is even suggested by the language in RFC 2671. > Thus, according to my understanding, a conformant recipient of an > OPT RR in a DNS query behaves as follows: > > a) no support for EDNS present > (either not built-in or disabled by config): > ignore entire OPT RR, do not include OPT RR into response; > possible legacy alternative: return FormErr; RFC 2671bis requires the RCODE=1 response, see: From: Florian Weimer <fw@deneb.enyo.de> Subject: Re: [dnsext] I-D Action: draft-ietf-dnsext-rfc2671bis-edns0-08.txt To: Olafur Gudmundsson <ogud@ogud.com> Cc: dnsext@ietf.org Date: Mon, 13 Feb 2012 16:06:02 +0100 Message-ID: <871upyept1.fsf@mid.deneb.enyo.de> > b) support for EDNS present, but no support present for a particular > option received: ignore it, do not include it in response; > c) support for particular EDNS option present: > behave according to the specification of that option > (which may be: echo the received option unchanged, or otherwise). b) and c) seem correct to me, with the caveat that reflecting the query with the original OPT RR does not mean the server supports your protocol extension. You need to bits to tell an active implementor from a reflector. (Kind of what was done with ECN for TCP, eventually.) _______________________________________________ dnsext mailing list dnsext@ietf.org https://www.ietf.org/mailman/listinfo/dnsext
- Re: [dnsext] Signaling ENDS option understanding … Alfred Hönes
- Re: [dnsext] Signaling ENDS option understanding … Florian Weimer
- Re: [dnsext] Signaling ENDS option understanding … Mark Andrews
- Re: [dnsext] Signaling ENDS option understanding … Ray Bellis
- Re: [dnsext] Signaling ENDS option understanding … Dick Franks