Re: [v6ops] WGLC for RFC6555bis
Mark Andrews <marka@isc.org> Mon, 14 August 2017 08:54 UTC
Return-Path: <marka@isc.org>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ECD4313207A for <v6ops@ietfa.amsl.com>; Mon, 14 Aug 2017 01:54:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XKni4dtA08ES for <v6ops@ietfa.amsl.com>; Mon, 14 Aug 2017 01:54:10 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F34813208E for <v6ops@ietf.org>; Mon, 14 Aug 2017 01:54:10 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id 4052D34A5FC; Mon, 14 Aug 2017 08:51:15 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id 2C8A4160045; Mon, 14 Aug 2017 08:51:15 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 149A4160050; Mon, 14 Aug 2017 08:51:15 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id Pw3OBD-xYHMF; Mon, 14 Aug 2017 08:51:15 +0000 (UTC)
Received: from rock.dv.isc.org (c27-253-115-14.carlnfd2.nsw.optusnet.com.au [27.253.115.14]) by zmx1.isc.org (Postfix) with ESMTPSA id 815BE160045; Mon, 14 Aug 2017 08:51:14 +0000 (UTC)
Received: from rock.dv.isc.org (localhost [IPv6:::1]) by rock.dv.isc.org (Postfix) with ESMTP id 63308823972C; Mon, 14 Aug 2017 18:51:12 +1000 (AEST)
To: Mikael Abrahamsson <swmike@swm.pp.se>
Cc: Tommy Pauly <tpauly@apple.com>, "v6ops@ietf.org" <v6ops@ietf.org>
From: Mark Andrews <marka@isc.org>
References: <4058EE05-9C9D-47BC-BA37-742FD222F6BA@apple.com> <5542934D-6ED9-47C2-A406-360C41433BD6@gmail.com> <DE38F3DD-5890-42B6-80C7-44D18170BE94@gmail.com> <CAJE_bqfOtBahm_1n4X7tHor21gxSZXjv2i-i6Kq8=r0HdV=J5Q@mail.gmail.com> <A8F0335C-1684-4B8F-8792-4FF7D6A6605A@apple.com> <CAJE_bqdGF_6-E=2m33WKYGXzc4thLPLMcioQ90jmxg7hg4NQdw@mail.gmail.com> <BBD427A9-C97A-46F8-8F72-F5DE8457FB44@gmail.com> <20170811014229.747B98208B3C@rock.dv.isc.org> <4CEEB2DC-CF09-45B4-B7D6-2591506E0B07@apple.com> <20170811055735.C543A82149BB@rock.dv.isc.org> <304BCCE2-C4BF-4392-B4DD-B36F35FD9F23@apple.com> <20170813233141.EEEAF82278E9@rock.dv.isc.org> <alpine.DEB.2.20.1708140842470.3655@uplift.swm.pp.se>
In-reply-to: Your message of "Mon, 14 Aug 2017 08:51:37 +0200." <alpine.DEB.2.20.1708140842470.3655@uplift.swm.pp.se>
Date: Mon, 14 Aug 2017 18:51:12 +1000
Message-Id: <20170814085112.63308823972C@rock.dv.isc.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/ca_QV25y9p1fd74tACP2NrKc4Gg>
Subject: Re: [v6ops] WGLC for RFC6555bis
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Aug 2017 08:54:13 -0000
In message <alpine.DEB.2.20.1708140842470.3655@uplift.swm.pp.se>, Mikael Abraha msson writes: > On Mon, 14 Aug 2017, Mark Andrews wrote: > > > ISP's and providers need to know when to switch off IPv4. To do > > that they will look at the amount of IPv4 traffic they are getting. > > Devices that initiate IPv4 connections when there is a full working > > IPv6 path just because there was a DNS cache miss don't help anyone > > make that decision. 50ms is measuring cache misses not broken / > > misconfigure authoritative servers and turning them into IPv4 > > traffic. 250ms is less so. 500ms is more less so. This is just > > with plain DNS. Add DNSSEC into the mix where a cache miss may > > well require multiple queries as DNSKEY and DS RRsets have also > > expired 250ms is becoming too small. > > You are correct, however, this problem should be solved in DNS land, not > in setting a really high advantage for IPv6 over IPv4 (at this point in > time). The document fails to account for cache misses. It assumes that there will be *no* A or AAAA records present or that both A and AAAA records will be present in the cache. In both those caches ~50ms is fine as it accounts for variance in the lookups. When only one of A or AAAA RRsets is present in the cache you have lookup times < 10ms for the RRset that is present in the cache and ~200ms for the RRset that isn't in the cache but the nameserver information is present. Waiting a realistic period for the cache miss to be filled is not "setting a really high advantage for IPv6 over IPv4". It's giving them equal standing. Another way to express this would be to require that the AAAA lookup has a minimum amount of time to succeed before failing over to IPv4 which is of the order of the time of a cache refresh. Below is a example of a cache miss for bbc.co.uk/A where the answer is fetched from the other side of the world. Thats one UDP there and one UDP packet back. [rock:~/git/bind9] marka% dig a bbc.co.uk ;; BADCOOKIE, retrying. ; <<>> DiG 9.12.0-pre-alpha+hotspot+add-prefetch+marka <<>> a bbc.co.uk ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38363 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: d3a9ce37593e504dfd7a68a45991596c1a2a6c63bc284349 (good) ;; QUESTION SECTION: ;bbc.co.uk. IN A ;; ANSWER SECTION: bbc.co.uk. 300 IN A 212.58.246.79 bbc.co.uk. 300 IN A 212.58.244.23 bbc.co.uk. 300 IN A 212.58.244.22 bbc.co.uk. 300 IN A 212.58.246.78 ;; Query time: 206 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Aug 14 18:03:56 AEST 2017 ;; MSG SIZE rcvd: 130 [rock:~/git/bind9] marka% > So while everything you say is correct, I do not agree with your > prioritization of "avoid long tail IPv4 usage" as opposed to "if IPv6 is > broken, the user will turn off IPv6 (forever) because it slows down the > user experience once". When IPv6 lookups are broken they usually take significantly longer than a additional 200ms to complete as you end up with multiple queries being made. > I also think that the caching resolver should refresh soon-to-be-expired > RRs that are getting close to their TTL=0. For instance, if someone is > asking for an RR and it has less than 5% of its TTL left, then just > refresh it. Which hides some cache misses from the client but not all of them. Been there, done that. > I believe there are drafts regarding this in DNSOP? > > https://tools.ietf.org/html/draft-muks-dnsop-dns-opportunistic-refresh-00 > is one. I thought there was another one, but I can't find it right now. > > -- > Mikael Abrahamsson email: swmike@swm.pp.se -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- [v6ops] WGLC for RFC6555bis Fred Baker
- Re: [v6ops] WGLC for RFC6555bis Philip Homburg
- Re: [v6ops] WGLC for RFC6555bis 神明達哉
- Re: [v6ops] WGLC for RFC6555bis David Schinazi
- Re: [v6ops] WGLC for RFC6555bis Ca By
- Re: [v6ops] WGLC for RFC6555bis Mikael Abrahamsson
- Re: [v6ops] WGLC for RFC6555bis Fred Baker
- Re: [v6ops] WGLC for RFC6555bis David Schinazi
- Re: [v6ops] WGLC for RFC6555bis Mikael Abrahamsson
- Re: [v6ops] WGLC for RFC6555bis 神明達哉
- Re: [v6ops] WGLC for RFC6555bis Fred Baker
- Re: [v6ops] WGLC for RFC6555bis Mark Andrews
- Re: [v6ops] WGLC for RFC6555bis Tommy Pauly
- Re: [v6ops] WGLC for RFC6555bis Mark Andrews
- Re: [v6ops] WGLC for RFC6555bis Mikael Abrahamsson
- Re: [v6ops] WGLC for RFC6555bis Tim Chown
- Re: [v6ops] WGLC for RFC6555bis Tommy Pauly
- Re: [v6ops] WGLC for RFC6555bis 神明達哉
- Re: [v6ops] WGLC for RFC6555bis Mark Andrews
- Re: [v6ops] WGLC for RFC6555bis Mikael Abrahamsson
- Re: [v6ops] WGLC for RFC6555bis Stephen Strowes
- Re: [v6ops] WGLC for RFC6555bis Mark Andrews
- Re: [v6ops] WGLC for RFC6555bis Mikael Abrahamsson
- Re: [v6ops] WGLC for RFC6555bis Mark Smith
- Re: [v6ops] WGLC for RFC6555bis JORDI PALET MARTINEZ
- Re: [v6ops] WGLC for RFC6555bis Stephen Strowes
- Re: [v6ops] WGLC for RFC6555bis Philip Homburg
- Re: [v6ops] WGLC for RFC6555bis james woodyatt
- Re: [v6ops] WGLC for RFC6555bis Mark Andrews
- Re: [v6ops] WGLC for RFC6555bis David Schinazi
- Re: [v6ops] WGLC for RFC6555bis Mark Andrews
- Re: [v6ops] WGLC for RFC6555bis Mikael Abrahamsson
- Re: [v6ops] WGLC for RFC6555bis Mark Andrews
- Re: [v6ops] WGLC for RFC6555bis Mikael Abrahamsson
- Re: [v6ops] WGLC for RFC6555bis Stephen Strowes
- Re: [v6ops] WGLC for RFC6555bis - Asynchronous DN… Fred Baker
- Re: [v6ops] WGLC for RFC6555bis - Asynchronous DN… Sander Steffann
- Re: [v6ops] WGLC for RFC6555bis - Asynchronous DN… Stephen Strowes
- Re: [v6ops] WGLC for RFC6555bis - Asynchronous DN… 神明達哉
- Re: [v6ops] WGLC for RFC6555bis - Asynchronous DN… David Schinazi
- Re: [v6ops] WGLC for RFC6555bis - Asynchronous DN… Mark Andrews