[v6ops] Re: Carrying large DNS packets over UDP in IPv6 networks

Suresh Krishnan <suresh.krishnan@gmail.com> Sat, 15 June 2024 11:48 UTC

Return-Path: <suresh.krishnan@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 2D6A8C14F6EE for <v6ops@ietfa.amsl.com>; Sat, 15 Jun 2024 04:48:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.106
X-Spam-Status: No, score=-7.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id EFW-Nc9euxHh for <v6ops@ietfa.amsl.com>; Sat, 15 Jun 2024 04:48:25 -0700 (PDT)
Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com [IPv6:2607:f8b0:4864:20::62c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2324CC14F6AA for <v6ops@ietf.org>; Sat, 15 Jun 2024 04:48:25 -0700 (PDT)
Received: by mail-pl1-x62c.google.com with SMTP id d9443c01a7336-1f7274a453bso26517055ad.2 for <v6ops@ietf.org>; Sat, 15 Jun 2024 04:48:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1718452104; x=1719056904; darn=ietf.org; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=6WfjdBx5N/r+oph0ejXnXOAYeOkJorfzs4mAIR8ykkM=; b=mfz85fu4Xgh3pGo7I/5C+fMoTi9vTaVuoKNxRQScVh4lhos/C523r9OFU0weilSksj Ib74ZuXTnOYJLu0uUC7Rsr5izHxaJ4L9uBZP6bBKc6qwnM7UeFn0nEjzyEuYfwDZ3Jfl UR+f93ScpumyZhvqAdE/nAumhNqbNEdxLTfKqbVkHgZbXeOumLCTz2Br84aPmZgfcEp9 QBAbkM4u4d9lzw539r57s4bG0LdOYekSt38SLkXx7sDMbWiE6dfRzX4zSxARjH8iOycx AwQHRFfcGt8ns0c0FPlvZASHmSIt6piAnbUBnA/j0TXtXFDH2T9N1+sCkL1s3WfKvaLL oOYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718452104; x=1719056904; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6WfjdBx5N/r+oph0ejXnXOAYeOkJorfzs4mAIR8ykkM=; b=jXaUFbPwLORrtVan0JxvsWdywDyoe0oZbGl8TOf+l1KX977LWl+sZwvLGjauOMbfXi noVu/EA0M03ibaM/qvlxqNRAV/9I+G3NcT2hlbG+zcBVIUy+sxXfoetyPe1aCYDHKUrS +QMmIlvml4Xfqi1FxnbNa5nmZLQhOBLgcngf+RHFB882Z7ZD5UjWVLPb0ePWyv+/Isij w4XdInnIbCE/+f2msl9xcU3Is8RStha1y9S05cJaQXN/mIVL4mzo6TbOyWOxBHPQFCEK 2j5KRF2wrJqH8izHxbpdSSkTTQBy9QRDbgTWXizaUQCdQVxcJKygQrKyvHJgrOhwWAYr tB7w==
X-Forwarded-Encrypted: i=1; AJvYcCU2cNSrzk1ChpL7JEIUiAsSkd/rj/dJEqqQwK7eoO7iixTlNpCfAQLLNCG8TxZpeqY6m4QL8qBUCUwgJrt/pA==
X-Gm-Message-State: AOJu0YzR+dAekU92W1pImZ0l7JNF9k8m929SLDno+c/eZpTqZ2QWkaMS VLR1chDU4T8+c3XtroMC+TSi2HV++AGlhyQ6+vWDVWO7bfAMFdzsPumbpks/
X-Google-Smtp-Source: AGHT+IEh1DGZml3CbK4uBD2LNlnYRVqERxkug4YSpDzd69ycYqQmfdcDntHYxMxcxGQWmUeSWTl9lw==
X-Received: by 2002:a17:903:950:b0:1f7:38a2:f1e8 with SMTP id d9443c01a7336-1f8627e422bmr68481115ad.41.1718452104426; Sat, 15 Jun 2024 04:48:24 -0700 (PDT)
Received: from smtpclient.apple ([2401:4900:1f2a:3b5a:a4a3:f7b7:7ae3:c97f]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1f855effc2fsm48132145ad.190.2024. (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 15 Jun 2024 04:48:23 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\))
From: Suresh Krishnan <suresh.krishnan@gmail.com>
In-Reply-To: <9B5A070B-93ED-4FE0-A2BA-858C6E285DB5@gmail.com>
Date: Sat, 15 Jun 2024 07:48:11 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <2A965848-04BA-4F22-AE83-6378FF4C2CEC@gmail.com>
References: <E35DC12F-D1CE-4AE5-B155-612C639A348B@gmail.com> <CACyFTPE=vUJTYDQQO=CHYR2RW6Ls5b6c1UVffmgcmvG91G9nQg@mail.gmail.com> <9B5A070B-93ED-4FE0-A2BA-858C6E285DB5@gmail.com>
To: Daryll Swer <contact=40daryllswer.com@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3731.700.6)
X-MailFrom: suresh.krishnan@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-v6ops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: v6ops@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [v6ops] Re: Carrying large DNS packets over UDP in IPv6 networks
List-Id: v6ops discussion list <v6ops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/gQ3e6XDmXNewCT5sL_DcSf6gDyM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Owner: <mailto:v6ops-owner@ietf.org>
List-Post: <mailto:v6ops@ietf.org>
List-Subscribe: <mailto:v6ops-join@ietf.org>
List-Unsubscribe: <mailto:v6ops-leave@ietf.org>

Hi Daryll,
  +1 to both Bob’s and Geoff’s points. UDP Lite handles the case where packets are delivered with bit errors (such as in some radio networks). I do know from past experience UDP Lite could provide helpful advantages in some wireless networks with high bit error rates.  It will not help in the cases where the UDP datagram is completely dropped in the network due to exceeding the path MTU at an intermediate hop. An UDP lite packet of the same size will suffer the same fate. 


> On Jun 14, 2024, at 1:16 PM, Bob Hinden <bob.hinden@gmail.com> wrote:
> Daryll,
> This draft is about carrying large DNS packets.   The abstract:
>    This document describes an approach to how Domain Name Protocol (DNS)
>    should be carried over IPv6.  There have been some operational issues
>    identified in carrying DNS packets over IPv6 and this draft proposes
>    solutions to address them.  A summary of what is proposed is to limit
>    IPv6 DNS responses over UDP to be 1280 octets and use TCP or QUIC for
>    anything larger.
> As far as I can tell UDP-lite isn’t relevant to better ways of handle large DNS packets.   The UDP checksum is not the issue.
> Bob
>> On Jun 14, 2024, at 5:10 AM, Daryll Swer <contact=40daryllswer.com@dmarc.ietf.org> wrote:
>> Hi Suresh
>> Just a question that I'm curious about. Has there ever been any research or testing done, on any potential benefits of using UDP-Lite (which supports partial checksum) instead of regular UDP (or the more complex QUIC) for a use-case such as large DNS packets perhaps?
>> A long time ago, when I did basic UDP-Lite testing, I observed that it traverse through (my small sample size) the DFZ and NAT boxes with no problem.
>> --
>> Best Regards
>> Daryll Swer
>> Website: daryllswer.com
>> On Fri, 14 Jun 2024 at 17:25, Suresh Krishnan <suresh.krishnan@gmail.com> wrote:
>> Hi all,
>>   At the last 6man meeting in Brisbane, Jared Mauch brought up an issue with large DNS packets carried over UDP in IPv6 networks. Bob and I have written a draft recommending the use of TCP or QUIC for such large packets instead of UDP. 
>> https://datatracker.ietf.org/doc/draft-hinden-v6ops-dns/
>> We would greatly appreciate your comments on this draft.
>> Thanks
>> Suresh
>> _______________________________________________
>> v6ops mailing list -- v6ops@ietf.org
>> To unsubscribe send an email to v6ops-leave@ietf.org
>> _______________________________________________
>> v6ops mailing list -- v6ops@ietf.org
>> To unsubscribe send an email to v6ops-leave@ietf.org