IETF Logo Mail Archive

Re: [weirds] I-D Action: draft-blanchet-weirds-bootstrap-ianaregistries-00.txt

"John R. Levine" <johnl@iecc.com> Mon, 24 June 2013 05:05 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: weirds@ietfa.amsl.com
Delivered-To: weirds@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A7DD21F9FBD for <weirds@ietfa.amsl.com>; Sun, 23 Jun 2013 22:05:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.3
X-Spam-Level:
X-Spam-Status: No, score=-103.3 tagged_above=-999 required=5 tests=[AWL=-1.300, BAYES_00=-2.599, J_CHICKENPOX_44=0.6, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2fCyXq9moaMr for <weirds@ietfa.amsl.com>; Sun, 23 Jun 2013 22:05:12 -0700 (PDT)
Received: from leila.iecc.com (leila6.iecc.com [IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with ESMTP id 5563A21F9D55 for <weirds@ietf.org>; Sun, 23 Jun 2013 22:05:12 -0700 (PDT)
Received: (qmail 9308 invoked from network); 24 Jun 2013 05:05:10 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=245b.51c7d386.k1306; bh=YiKfOEd6hHntG7FtC9AhPKjM+9dU7gpFXE34h1Vl+oE=; b=A9G550lw1cHQZgHGj1MJF2AR6W8X9BaSpMBk/mC2m9yuGGsyx9k90rgWtPrujE0A4w8TPrOMKTxpnfeMdQ/tfCq0dTbQcO5Kic+GVYjQur5KkfsGv7mARfAqiIigBVb+Y5IMdizqBd3d60CMZZY/jznNxI2cegJD4fJ/2WnWnA/5Mq5RuCPdL6MRIVaodQQKu7PBX6wGvi+f4z1EIZO9D596wqUhaVtBNNKxQ3EQWGsoku5AeiEVI6OZudhcT/n6
Received: (ofmipd 127.0.0.1); 24 Jun 2013 05:04:48 -0000
Date: Mon, 24 Jun 2013 01:05:10 -0400
Message-ID: <alpine.BSF.2.00.1306240026490.16990@joyce.lan>
From: "John R. Levine" <johnl@iecc.com>
To: Byron Ellacott <bje@apnic.net>
In-Reply-To: <CDEDEC2F.278C9%bje@apnic.net>
References: <CDEDEC2F.278C9%bje@apnic.net>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
Cleverness: None detected
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
X-Mailman-Approved-At: Mon, 24 Jun 2013 10:57:18 -0700
Cc: John R Levine <johnl@taugh.com>, "weirds@ietf.org" <weirds@ietf.org>
Subject: Re: [weirds] I-D Action: draft-blanchet-weirds-bootstrap-ianaregistries-00.txt
X-BeenThere: weirds@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "WHOIS-based Extensible Internet Registration Data Service \(WEIRDS\)" <weirds.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/weirds>, <mailto:weirds-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/weirds>
List-Post: <mailto:weirds@ietf.org>
List-Help: <mailto:weirds-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/weirds>, <mailto:weirds-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jun 2013 05:05:13 -0000

> If bootstrapping via DNS is sufficient for the reverse DNS domain 
> queries, is query load the main reason it isn't also sufficient for IP 
> network queries?

I could have sworn we went over all this last week, but anyway, ...

Query load is only part of the reason.

Domain names are allocated a TLD at a time, so a reasonable boostrap is to 
use the TLD name as the handle.  It doesn't matter that the .COM server 
gets 3000 queries/sec, since the vast majority of bootstrap queries for 
com.domain.rdap.arpa will be satisfied from local caches.  Due to both the 
ICANN new TLD program and the number of existing TLDs, it seems likely 
that the bootstrap data will change fairly often, so we need something 
that automatically updates clients when there's a change, hence DNS.

Marc's draft says "longest match", but in fact the IANA domain registry is 
all TLDs so just doing the TLD lookup rather than the whole name is 
adequate and makes the DNS caches work.

Numbers are different.  For IPv4 you could fake it by using the top octet 
of the address, but for IPv6 and ASNs the allocation structure is 
extremely irregular and I don't see any way to represent it in the DNS 
with reasonable performance.

If you do the obvious thing for IPv4 and IPv6 and use something that looks 
like rDNS, e.g. 4.3.2.1.ip4.rdap.arpa. or 
f.e.d.c.b.a.9.8.7.6.5.4.3.2.1.0.f.e.d.c.b.a.9.8.7.6.5.4.3.2.1.0.ip6.rdap.arpa, 
and cover the DNS namespace with DNS wildcards, you get pessimal DNS cache 
behavior, i.e., none at all.  Each query for a different address goes back 
to the bootstrap server which synthesizes a unique response per address, 
which means vast traffic on the rdap.arpa servers, and DNS caches filling 
up with useless junk, since a cache entry is only reused if it exactly 
matches a previous query.

The longest allocated IPv6 prefix is a /23, but even if you truncate the 
bootstrap queries to 24 bits (for 4 bit rDNS boundaries) you're still 
going to need 4096 real or synthesized entries for each allocated /12, 
with basically the same problems.

Even worse, the ASN space is flat, with allocated numbers ranging from 1 
to 394,239 with some large unallocated holes.  A DNS zone of that size is 
not going to make DNS servers or DNS caches happy.  Even if we invented a 
rDNS like representation to make it easier to cover ranges with wildcards, 
it'd have the same performance problems.

It's perfectly possible to represent the allocation information in a 
compact and efficiently searchable form (it is, after all, on three pages 
at IANA), but not by using the formats that the DNS provides.  The number 
bootstrap data changes very rarely, like once a year or less, so it's OK 
for the update not to be automatic.  Hence the per-TLD DNS lookup for the 
regularly named but frequently updated and uncoordinated DNS registries, 
and the vague baked-in bootstrap hack for the irregularly named, but 
rarely updated and well coordinated RIRs.

Does that make more sense?

R's,
John

v2.23.0 | Report a Bug | By Email