From: Ben Schwartz <[email protected]>
Sent: Monday, January 25, 2021 5:04 PM
To: Hollenbeck, Scott <[email protected]>
Cc: [email protected]; [email protected]
Subject: [EXTERNAL] Re: Re: Re: [DNSOP] SVCB without A/AAAA records at the service name

On Mon, Jan 25, 2021 at 8:06 AM Hollenbeck, Scott <[email protected]> wrote:

[SAH] We need to think about the impact on the servers that have to respond to those queries, too. Sending unnecessary queries to the root and TLD servers puts a load on those servers that can have an impact on every client/resolver that needs to be able to reach them.

This is important, but I don't think it's applicable here. The various options under consideration all impose the same amount of load on root and TLD servers.

[SAH] So if some number of queries X and some number of queries Y are processed in parallel, the value of X + Y will be the same as if those queries are processed serially?

Yes, if the SVCB record uses the hostname as the TargetName, as suggested in section 10.2, then there are no additional queries; they are merely issued in parallel rather than sequentially.

Regardless of whether the speculative queries are wasted, your question was whether they would impose more load on TLD or root servers.

If the domain's NS record is cached at the resolver, then they certainly will not. (All queries will go to the authoritative nameserver.)

If QNAME minimization is applied, they also should not. (They will all trigger the same qname-minimized query to the root and TLD, and a reasonably intelligent resolver shouldn't emit duplicate queries when one is already in flight.)

If the NS record is not cached, and the resolver does not implement qname minimization, then perhaps it is possible that the additional queries could leak to the TLD, or to the root if the TLD NS record is not cached. The behavior would be similar to speculative AAAA queries today. (I'm not aware of these being a cause for alarm among root or TLD operators.)

Note that this conversation only concerns hypothetical future non-HTTP protocols that rely exclusively on SVCB. We are a very long way from any such protocol (1) existing and (2) having enough usage to concern the root or TLD operators.

[SAH] Thanks for the clarification, but I have to disagree that it’s not a concern for operators. We would be wise to pay attention to such things long before use causes measurable impact on those servers.

Scott

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
