Hi DNSOP, A few months ago, Puneet Sood, John Todd, and I proposed "probe.resolver.arpa" as the standard name for DNS resolver reachability probes [1]. Since then, my team has done a sizeable test deployment (several thousand clients), in a situation where we were probing the reachability of Google Public DNS using IPv4 and IPv6.
In the old configuration, clients were probing reachability by querying for "A" records at "www.google.com". In the new configuration, clients were querying for "A" records at "probe.resolver.arpa". The results show that the new reachability probes behave exactly as expected, or perhaps even better: * The success/fail rates and error distributions are identical. * The response latency is highly correlated, but 8 milliseconds faster on average. We believe this is due to a "fast path" in Google Public DNS when synthesizing NXDOMAIN responses under "resolver.arpa". I would like to see this draft progress to RFC in order to formally reserve the target domain. Otherwise, probers that expect NXDOMAIN could be confounded when records are added. Given the rather trivial scope of this draft, I think AD sponsorship could be appropriate, but DNSOP adoption would also be welcome. --Ben Schwartz [1] https://datatracker.ietf.org/doc/draft-sst-dnsop-probe-name/
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
