IETF Logo Mail Archive

Re: [v6ops] New draft at dnsop a bis for DNS IPv6 Transport Operational Guidelines

Geoff Huston <gih@apnic.net> Sat, 11 November 2023 04:56 UTC

Return-Path: <gih@apnic.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11432C198476 for <v6ops@ietfa.amsl.com>; Fri, 10 Nov 2023 20:56:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=apnic.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tWNPjd97ZmoW for <v6ops@ietfa.amsl.com>; Fri, 10 Nov 2023 20:56:03 -0800 (PST)
Received: from AUS01-ME3-obe.outbound.protection.outlook.com (mail-me3aus01on2050.outbound.protection.outlook.com [40.107.108.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E225FC18E1B6 for <v6ops@ietf.org>; Fri, 10 Nov 2023 20:56:02 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QdjAqwSpQjNAz71fPVg2g4eBJAtNZRbO3nwr59jWFeLM6KJ5nxmE2z3V/qNbHDMviI8xzT6VFNapsgbtO0HEjFcnrXRyobtHIe9qQ0LiJJhgc2fjyU+ONfwlIY2CXgAeJaJz6MdrW930BZZOFsoPVWSjTgX7S8LtbcKbojZd1vtxvx2O+Wz//uF2ENDn4djplasKySKoi0H78xHBx4mOOFEUdhjqtQ286yoVMY+4NCzgF+nh8zRenk67hhF2O2+vcjw+oQgY+6drCNkZ/8NJVFXLMjK2PMnwkhsb+XYJRL64aojx9r76hzWMNzekdEuyGhxKf1jFxyr+SPhduT4j6g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qfaYaJV/TpD2ojz6TTQ40znYS5eJSkS+eKBW3zg9hTQ=; b=YCP1wS6vnsvihBYnDsEQNydzTNZvkgRcBL4zXgYLssx6dDXeMN0Fz89uk01shsceyzX5CuNvuot4mCS6lqeRJIoshzpzgsdzA9DBQgB5rpEJTlratBB8IrtrkIj/PFkhe66Ehi8rt2E3MsCqLerLDZNe3XGl2zrwA5eItAIIo9mQAqrSFjYr6uqWyiPSJAzxT2bHQsJKowPr9JqFUTc/gSy97qNfjjVWkGnIia0uziygCYzUauI9DlNderj+8gZNXCpzWDxBgWZVZK6XNQKdMl48pMWBFheXiU1cNN3e7WGWrqjtsw6XzGQUE0KBzk9tk7HhTEgplIDo0RrbKlKJnw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=apnic.net; dmarc=pass action=none header.from=apnic.net; dkim=pass header.d=apnic.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qfaYaJV/TpD2ojz6TTQ40znYS5eJSkS+eKBW3zg9hTQ=; b=nhHuZyRsWU9akLNSzTUybJLZjzfA7J9IeUQYmQBeSuCMBX7/BvUHVsMUN/6lenMTSAGY16ydLCbTjF2JAVRMdEqsLbGTv11tUHToXz9iw7hAdX9d7luiYLtSP4e+O0JDH2nquFpwPMKXJVGZodKheYpmIo1TzH+7Lt4+txrX4b8=
Received: from SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:176::18) by ME3P282MB4196.AUSP282.PROD.OUTLOOK.COM (2603:10c6:220:18a::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6977.22; Sat, 11 Nov 2023 04:55:59 +0000
Received: from SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM ([fe80::350c:a749:2801:a711]) by SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM ([fe80::350c:a749:2801:a711%3]) with mapi id 15.20.6977.020; Sat, 11 Nov 2023 04:55:59 +0000
From: Geoff Huston <gih@apnic.net>
To: Owen DeLong <owen@delong.com>
CC: Gert Doering <gert@space.net>, list <v6ops@ietf.org>
Thread-Topic: [v6ops] New draft at dnsop a bis for DNS IPv6 Transport Operational Guidelines
Thread-Index: AQHaExC9b2onPeoBBkiWl+bgdD+8xbByBSuAgAAuPoCAAdRrgIAAhJ6AgAABOYCAAALfAA==
Date: Sat, 11 Nov 2023 04:55:59 +0000
Message-ID: <4F493716-44FA-473A-8EFC-C6811B1E1C7A@apnic.net>
References: <CAD9w2qYhCmkp2bOiGet4DY4AmbGHXj7r_reMibCK18rR8ivbMQ@mail.gmail.com> <CACMsEX8wQB3B1w2TOpPTjZoADYf5ybrKhpOXmo=iuOhUFJbJ5g@mail.gmail.com> <B57D7BFA-ECE9-4F23-9324-7591E91F457B@apnic.net> <ZU6WpbDBJ9lcik_3@Space.Net> <927959F5-71C8-4488-A52D-2A5A0969A951@apnic.net> <5A47C4EB-7DFD-472D-87DE-F2AEF9971844@delong.com>
In-Reply-To: <5A47C4EB-7DFD-472D-87DE-F2AEF9971844@delong.com>
Accept-Language: en-AU, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3774.200.91.1.1)
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=apnic.net;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SYZP282MB3169:EE_|ME3P282MB4196:EE_
x-ms-office365-filtering-correlation-id: 27520753-a8e7-4211-23a2-08dbe2727f57
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: vlaWF0T5b7xHe4xriecM0SieXUiotVT7OwtSOgwZwNDrWCLwK5X5q+1h5/r+y3Rb2no9JK+t5B7WO5xUdCTVaNkJ4Mvkrb7ksnIVnavNl2/8xNeUmum+8mmH28vvUieS+h8C6NmSJZxVDlyx30LpIMtOSMV7oQCEpli93etrjryP8aBKzQXbFntdJoYquU7GR5vXMlF6h5d+BQBtJy+PffAmrlFBBp8PVfNA+6uy3s0Fgr38hufXFdz7TmjXHZaUyTj2/wFyQmu2CfC9yykaB3RBp+F8rM6VNv2IuI7Tzukhn9h0QNv7vU4xYcNsTocBj693VTbfAw3C93Wi/oS1Wl71XF8MbkTEIpQM1zYTzESXE1820GNRbQomUXtWHHtATY4glac+s5YeQfdzT9oj18E28I3aVAUTcPkpuK5fx9qsfLSrTAYnUvwtkSfJkOm5gAJjh5eGi5g+6nqL3KNPd96KRgQNB2d+F7Cdjv7XIuDzl2P9ImsRrkYBjGQtm3MPwrr2Bzw+IH+cWsb3rkBhiUgUK5hg+6t6XLGXcr1/x54aaFnuTmBMLStYDODcdHT6Si7AW9JbS0SgK7q2u9OlSa2q1JWFUUL91abo00Yrfd/j4ovDTEJ9Ys1JHeRUtkZy6xzFOYANypZBJ+r/MiYQ/g==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(136003)(366004)(376002)(396003)(346002)(39840400004)(230922051799003)(64100799003)(451199024)(186009)(1800799009)(5660300002)(83380400001)(2616005)(41300700001)(53546011)(71200400001)(6506007)(26005)(6512007)(36756003)(38070700009)(33656002)(6486002)(478600001)(86362001)(2906002)(66446008)(54906003)(6916009)(316002)(64756008)(66946007)(66556008)(66476007)(76116006)(91956017)(8676002)(8936002)(4326008)(38100700002)(122000001)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: b3ilU9b3nl4WuiL1AbuO6HV1cC8pjKhvQ4Z3e0UxQ4R9DKd2nFtRpfGnyQBq3NmL7EPYSkQxNlnbyN25mIok3W2L+iKN+onc1IqI2px0RccLNSodZD9ZQmDRCdqxcK5v41EhaRUgiGA/tcv9ig3dv9379l7y4NytsPWOIwpUjmzgc7bVwPLE1zlv7PtEe/F/05RnTvnoBMSHedmnpgtvAAl3d+c4ZHILdH8FANQd3V+W6dExrF2y9iTKUf/0cYyw2/wPiNWarvZfEPrxguiK5t0ywjHlPGxGkTXzD8cMjEtTHl91L3kaEWJWdwY3cUhXITYaeSI9b8vh+Inw30KQGrFIhjUqU00QX0lqyf1vrZdJdANV44EPzxiIr3RQfQ1FIE+LyX9/0hIpMJmTMEQre31CUapW6WaVUq67pxH42wS7h3SpXkRkVnXMKLKqd0CxcH3L0BkGXlDdzsxfovVb5UfyDfDNQDQ+8qd2JGX11YMEVVsgkEpFeY4Q48YM90nfw3w8XC4gs3sF9V0wG05B9YaKEKg7ZdVY4WYRiYRP082hlOoKcYqT/g5uQ/koUU00fyByWet6KT0olY0X3Wna5D+q/4gAMZWyhdnO0t6urkT+h1ohmlGDw8BX714nT9mUP8hy8Os2MqwmAwQclmjYNJPAsgjxWWaP43cIOOfTCQdG9TOcT/604QkE94Bp0E7w5D69Y/2JkuL0yDSzEph1BsX0OvrJ1b+/ae0mNGtnxoz7funI1Li0SCdbjemVQaa3NkjEbVQjoZcJ+7kDBoxxAH9QfApZeoAVkpscpBa8qisc8BQ6PPNEIpgVZ6xo85/Y76sM9nDnNbeZCXVRBqivuigDU3vEehrtC2kT0FrvB0l57xkgNAmxHn2Bq2f1d5RJnHL5FFa6wDkAd5rZ1ytJupcnAu0TclajUCQB6rVVMt5PqBiPS6wNPodD3nFR3UAp+XRzfpsgN5MAvwWRhWvPexv5WkoFTiyuz0qnNnNg2KrCBTji6JLStWVNNDW+ahKrdoyDCC/hYAJNfY45g7EzL2jbCGKTsi8OEwanvK8WOVwkvLW2hGjWx5eZingjzOeYMkwDE2eaEZD4dELXEKwfsbwkT9xX058o1SGXaWMdVUZwyqv8wh1a1WwlW1cqcUV/EdX+7vWNt+VHHa7zv25OTvVrgtIUo4GYF5zvHDGq3AtQRltbYoLosSDtA5eIZx03aLKkgrg4TaMnZ0duduvbUqKTlqnWlrNx4LFpj48ruPYcLltZvv7MFStupSAzD/MC2ze8VM5V4s5ScuvKx7edZc6ENnslVzBQo8lOdkvqD6tvDiHjPx2icDpMBn0Xp5JcIF3yRiplO+wd39PJV0EoKWiUWLB+T19V4P8ezGBH7Qv4qKieEyF9GIHt0rjsPTQ8C0tPGU0ZO8hxMcRSnZUfrRFx6G90HyMujqnkMmWng+c+/otFjcI+sWxPzG4s5jnThNRYwWJ2MszkvEFhUlgVy9TI71cTqUX5vscTgr1xq8RM89wFML6UoIbfJTrEkK/R5D9TSOoUFEoB/L6ZnG0ytka0vEAuoTWLY/Mbii5NsrDQL+3sjtx+qH6kSGUuMKAl
Content-Type: multipart/alternative; boundary="_000_4F49371644FA473A8EFCC6811B1E1C7Aapnicnet_"
MIME-Version: 1.0
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SYZP282MB3169.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 27520753-a8e7-4211-23a2-08dbe2727f57
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Nov 2023 04:55:59.3162 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: mUprTHLPzJhvOV+9FS+Jx5n2mJBrpM2OzApS3f8yMXLozZImzj37byQxtod4HD1z
X-MS-Exchange-Transport-CrossTenantHeadersStamped: ME3P282MB4196
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/bhwbMoRtapk7mSzpfo5jPd2oE_E>
Subject: Re: [v6ops] New draft at dnsop a bis for DNS IPv6 Transport Operational Guidelines
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Nov 2023 04:56:07 -0000


On 11 Nov 2023, at 8:45 am, Owen DeLong <owen@delong.com> wrote:


Failure takes time. If a server is serving large responses over IPv6 it may take longer and may take some time to conclude that a response cannot reach the querier over IPv6. To recommend that this extended time SHOULD be the default seems to me to lack adequate operational motivation and lack some cohesion elsewhere in this space to shave off delay elements. TLS 1.3, QUIC, etc.. It we are all for a slower DNS then lets be upfront with that desire! ( :-) )


In fairness, isn’t working around this sort of thing a big part of Happy Eyeballs (for better or worse)?

There is no “Happy Eyeballs” in protocol choice for DNS resolution queries. There is no “fast failover” either.

The current theological orthodoxy is to set your EDNS Buffer size to 1232 and if the response is larger than that then burn up an additional 2 RTT cycles to get the client to query using TCP. In theory this avoids waiting for a timeout, but it’s still a time penalty. But this message does not appear to have made it through. In the APNIC measurement platform some 47% of DNS queries over IPv6 present with a 4096 EDNS buffer size.

v2.31.3 | Report a Bug | By Email | System Status