Re: [v6ops] New draft at dnsop a bis for DNS IPv6 Transport Operational Guidelines

Owen DeLong <owen@delong.com> Sun, 12 November 2023 06:48 UTC

Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5465EC15C2AF for <v6ops@ietfa.amsl.com>; Sat, 11 Nov 2023 22:48:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=delong.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 96nfKMv138bL for <v6ops@ietfa.amsl.com>; Sat, 11 Nov 2023 22:48:54 -0800 (PST)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id 8DE1EC15C296 for <v6ops@ietf.org>; Sat, 11 Nov 2023 22:48:54 -0800 (PST)
Received: from smtpclient.apple ([192.168.100.138]) (authenticated bits=0) by owen.delong.com (8.17.1/8.15.2) with ESMTPSA id 3AC6mmXw3116297 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 12 Nov 2023 06:48:48 GMT
DKIM-Filter: OpenDKIM Filter v2.11.0 owen.delong.com 3AC6mmXw3116297
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delong.com; s=mail; t=1699771729; bh=ziaBa24xEn/pV1lJsb6XCm1amsU/xhpV+hE/TyUvVi8=; h=From:Subject:Date:In-Reply-To:Cc:To:References:From; b=nwAQDLWEUVjjDhGmYWoQovF3CqBS/FmM6CYww00Tdk5d0pnYDifqW64pNZ0TYkWFH dFU927xACTaIWnIyZzyG1BA9CArVZYG2qW6nBIvGl2+yAVmJliq+vz7S/TBl3ox0nX kkuGJTSBdvugIsqdlztCMsu3dJXDFG2CrJmEAx8c=
From: Owen DeLong <owen@delong.com>
Message-Id: <C19D5D2A-5C10-4A38-91EC-B01B1A24EF5E@delong.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_06A9FE51-2D2D-4E02-9A05-5B414B8EEA03"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.100.2.1.4\))
Date: Sat, 11 Nov 2023 22:48:38 -0800
In-Reply-To: <CAN-Dau3oRrSgaeu7i_d-Ef4vQy65zRh+xitEe5whukPJnYG5=Q@mail.gmail.com>
Cc: Geoff Huston <gih@apnic.net>, list <v6ops@ietf.org>
To: David Farmer <farmer@umn.edu>
References: <CAD9w2qYhCmkp2bOiGet4DY4AmbGHXj7r_reMibCK18rR8ivbMQ@mail.gmail.com> <CACMsEX8wQB3B1w2TOpPTjZoADYf5ybrKhpOXmo=iuOhUFJbJ5g@mail.gmail.com> <B57D7BFA-ECE9-4F23-9324-7591E91F457B@apnic.net> <ZU6WpbDBJ9lcik_3@Space.Net> <927959F5-71C8-4488-A52D-2A5A0969A951@apnic.net> <5A47C4EB-7DFD-472D-87DE-F2AEF9971844@delong.com> <4F493716-44FA-473A-8EFC-C6811B1E1C7A@apnic.net> <00356A59-2B04-4A46-B2B4-EA595A4F02A1@delong.com> <4B765D39-5201-4814-BFAE-8F3D71D24469@apnic.net> <F8EF42B7-E548-4BCB-B88B-2114E01FFC01@delong.com> <B55834E0-7EB0-431B-A936-92B8C5C3EAF7@apnic.net> <CAN-Dau3oRrSgaeu7i_d-Ef4vQy65zRh+xitEe5whukPJnYG5=Q@mail.gmail.com>
X-Mailer: Apple Mail (2.3774.100.2.1.4)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (owen.delong.com [192.159.10.2]); Sun, 12 Nov 2023 06:48:49 +0000 (UTC)
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/HxZdfQdCHxyAYrVBcBk5mRtAYrI>
Subject: Re: [v6ops] New draft at dnsop a bis for DNS IPv6 Transport Operational Guidelines
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Nov 2023 06:48:58 -0000


> On Nov 11, 2023, at 22:22, David Farmer <farmer@umn.edu> wrote:
> 
> I think Owen is referring to the behavior of DNS clients communicating with a recursive DNS resolver specified in Section 3.1 of RFC 8305, Happy Eyeballs v2;
> 
> 3.1.  Handling Multiple DNS Server Addresses
> 
>    If multiple DNS server addresses are configured for the current
>    network, the client may have the option of sending its DNS queries
>    over IPv4 or IPv6.  In keeping with the Happy Eyeballs approach,
>    queries SHOULD be sent over IPv6 first (note that this is not
>    referring to the sending of AAAA or A queries, but rather the address
>    of the DNS server itself and IP version used to transport DNS
>    messages).  If DNS queries sent to the IPv6 address do not receive
>    responses, that address may be marked as penalized and queries can be
>    sent to other DNS server addresses.
> 
>    As native IPv6 deployments become more prevalent and IPv4 addresses
>    are exhausted, it is expected that IPv6 connectivity will have
>    preferential treatment within networks.  If a DNS server is
>    configured to be accessible over IPv6, IPv6 should be assumed to be
>    the preferred address family.
> 
> On the other hand, Geoff is referring to the behavior of a recursive DNS resolver communicating with an authoritative DNS server. And I think he is correct that there isn't any Happy Eyeballs type behavior there.

Fair enough, and yes, that’s true (at least for what I’m referring to, I won’t presume to speak for Geoff, but seems likely), but in most cases, the end result of this is that the client gets back a quick answer even if IPv6 fails (at least that’s been my experience).

Owen