Re: [DNSOP] Minimum viable ANAME

Sat, 03 Nov 2018 16:54:02 -0700 



Ray Bellis wrote:



On 21/09/2018 20:12, Dan York wrote:


I do think this is a path we need to go.  We need *something* like
CNAME at the apex.  Either CNAME itself or something that works in the
same way but might have a different name.


I agree, and earlier today (well, yesterday, now) I wrote it up:

A new version of I-D, draft-bellis-dnsop-http-record-00.txt
has been successfully submitted by Ray Bellis and posted to the
IETF repository.
...


the arguments against SRV in that document are unsupported and wrong.


   While there have been previous attempts to promote the use of the SRV
   record instead of CNAME records, there have been concerns raised
   about the performance impact of the additional DNS lookup an SRV
   record would typically require.


SRV responses include additional data.


   To achieve equivalent end-user performance as existing CNAME-based
   solutions, this document permits recursive resolvers to pre-emptively
   look up the target of an HTTP Record and return the corresponding
   records to the client.  While this feature is not mandatory it is
   hoped that support would over time become near ubiquitous.


i think that makes HTTP as fast in terms of round trips as SRV is.


   Also, the presence of the Port field in an SRV record is incompatible
   with the "Same Origin" security policy enforced by web browsers and
   in practise the load-balancing / fallback capabilities of the SRV
   record are not widely used either, ...


so use "0" for the port number, and don't include more than one SRV RR.


   ... and non-DNS based solutions for
   this are already widely deployed for HTTP traffic.


so just keep using non-DNS solutions.


there's no benefit to accompany the cost of this proposal compared to 
re-use of existing code points which are already broadly implemented.


the HTTP folks are obviously not interested in round trips, anyway:

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37345
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
; COOKIE: 5a8f3fa2fa447f4c (echoed)
;; QUESTION SECTION:
;www.microsoft.com.             IN      A

;; ANSWER SECTION:

www.microsoft.com.      3600    IN      CNAME 
www.microsoft.com-c-3.edgekey.net.


;; Query time: 23 msec
;; SERVER: 2620:0:30::53#53(2620:0:30::53)
;; WHEN: Sat Nov 03 23:52:17 UTC 2018
;; MSG SIZE  rcvd: 105

--
P Vixie

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop























					Reply via email to