On Mon, 9 Oct 2006, Kevin Darcy wrote:

> Dean Anderson wrote:
> > On Fri, 6 Oct 2006, Kevin Darcy wrote:
> >
> >   
> >> The user's mistake, of course, is not that they asked the wrong 
> >> question, but that they asked it in the wrong context. 
> >>     
> >
> > The 'user' made no mistake whatsoever. The mistake is in the DNS
> > cache/recursor configuration. The user usually has no control over this.
> >   
> Regardless of one's particular theory of blame, the user is asking 
> something in the wrong context. That's a "mistake".

The user made the request in the local context. That isn't wrong by any
stretch of the imagination.  The user didn't ask a wrong question; it's a
right question that you want to answer globally with a wrong answer.
Their local recursor/cache is misconfigured. This misconfiguration
resulted in the query being sent to the wrong (global) server.

> But my main point was to dispute your assertion that there is "no 
> answer" to the question. In any given context, there is an answer, and 
> in the Internet context the answer is Name Error aka NXDOMAIN. 

Unfortunately, this isn't correct for the reasons I've already given
previously. Such a query is _always_ the result of a misconfiguration,
so there is no proper query in the internet context. To have a proper
query, you need a context where that query is proper and is not the
result of misconfiguration.  Merely asserting the contrary doesn't
advance your argument.

> >> But it might not even manifest as "recursion to self". There is no 
> >> requirement AFAIK that resolvers listen on 127.0.0.1, so these queries 
> >> may end up triggering unnecessary timeout/retry cycles. Or are you 
> >> assuming that the resolver will recognize 127.0.0.1 as "special"?
> >>     
> >
> > Umm, yes: the IP Address 127.0.0.1 is special.  The
> > resolver(recursor/cache) has nothing to do with the recognition of these
> > addresses as "special". 
> I think you missed my point. Unless the resolver makes a special case 
> for 127.0.0.1, then delegating a zone there when there is no nameserver 
> listening on the address runs the risk of causing unnecessary 
> timeouts/retries. That would be a Bad Idea, in my estimation. The 
> general operational rule, and a good example to set, is you don't 
> delegate somewhere unless you have the permission of the delegatee. 
> Clearly it's not practical to get the permission of everyone with a 
> 127.0.0.1 address configured on their device.

Timeouts can only occur as a result of misconfiguration by the local
server administrator.  I see no reason to be concerned. In such a case,
the timeout is another positive clue that the dns cache is
misconfigured.

"Permission for delegation to self (127.0.0.1) of _local_ address space,
when misconfigured"?????  This doesn't seem to be a valid point on its
face. However, IANA has authority to delegate as it finds useful, so
your point is moot.  One cannot claim that IANA doesn't have permission
to do this, nor that DNSOP doesn't have permission to make a
recommendation to IANA regarding DNS Operations.

> > See RFC 3330 and RFC 1700 page 5.
> >
> > So, yes, a recursive query to 127.0.0.1 will always manifest as
> > recursion to self.
> >   
> But is it guaranteed to manifest *in*logs*? 

You keep increasing the bar.  "guaranteed to manifest *in*logs*" is not
the measure of usefulness.  My proposal is useful because, unlike AS112,
it _can_be_ noticed in logs.  

I just checked, and DJBDNS does log this as a 'servfail'

@40000000452be5861f82ac5c.s:@40000000452be56a1614afe4 query 4334914 c60388a0:db60:96cf 1 asdf.selftest.av8.net.
@40000000452be5861f82ac5c.s:@40000000452be56a16193424 cached ns selftest.av8.net. selftest1.av8.net.
@40000000452be5861f82ac5c.s:@40000000452be56a161b5ed4 cached 1 selftest1.av8.net.
@40000000452be5861f82ac5c.s:@40000000452be56a161e0684 tx 0 1 asdf.selftest.av8.net. selftest.av8.net. 7f000001
@40000000452be5861f82ac5c.s:@40000000452be570179f18a4 servfail asdf.selftest.av8.net. input/output error
@40000000452be5861f82ac5c.s:@40000000452be575183810cc servfail asdf.selftest.av8.net. input/output error

> AFAIK, there is no standard 
> or BCP mandating a particular level of logging for "recursion to self", 
> and I don't believe BIND or any other popular resolver implementation 
> gives special logging priority to "recursion to self". 

Now you also want "special logging priority"????  Please.

> So your purported benefit of making the misconfiguration more
> "noticeable" is far from guaranteed, yet at the same time it runs the
> risk of wasting resources and/or setting a bad example, as mentioned
> above. 

Making a misconfiguration noticeable doesn't have to be guaranteed in
order to be useful. It just has to be _more_noticeable than the
alternative, or just notice_able_. However, the AS112 method guarantees
that it won't ever be noticed.

Bad example????  Delegation of misconfigured private address space to
127.0.0.1 is a _good_ example of why the localhost address space exists.

> Significant risk, low probability of benefit. This is why I
> disagree with your proposal.

What risk?  You haven't explained any risk or harm.

The benefit is _at_worst_ equal to, but nearly always better than, that
offered by AS112:

  1) Unnecessary traffic is kept local. (better than AS112)

  2) Server admins have a chance to get a clue of the misconfiguration
(better than AS112)

                --Dean


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   
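The quoted dnscache output above shows what the "recursion to self" case looks like in a log: a "tx" record whose target server is 7f000001 (127.0.0.1), followed by "servfail" records for the same name. The following Python script is an added example, not code from the thread or from DJBDNS; it parses dnscache-style log lines, flags any "tx" record whose target decodes to a loopback address, correlates later "servfail" records for that name, and also generalizes to the misconfiguration the thread is about by flagging client queries for reverse zones of RFC 1918 space (10/8, 172.16/12, 192.168/16). The field layout of the query/tx/servfail records is inferred from the lines quoted in the message, and the sample log is constructed to resemble them.

```python
"""Detect "recursion to self" and leaked private-address reverse lookups
in dnscache (djbdns) log lines.

Added example, not code from the original thread or from DJBDNS.  The
record layout is assumed from the lines quoted in the message: a tai64n
timestamp, a record type ("query", "tx", "servfail", ...) and
space-separated fields, with IPv4 addresses written as 8 hex digits.
"""
import re

# Constructed sample log, modelled on the lines quoted in the message.
# The "...s:" prefix on the first token mimics grep output from a
# multilog directory; the 192.0.4.1 server address is made up.
SAMPLE_LOG = """\
@40000000452be5861f82ac5c.s:@40000000452be56a1614afe4 query 4334914 c60388a0:db60:96cf 1 asdf.selftest.av8.net.
@40000000452be5861f82ac5c.s:@40000000452be56a1614afe5 query 4334915 c60388a0:db60:96d0 12 1.1.168.192.in-addr.arpa.
@40000000452be5861f82ac5c.s:@40000000452be56a16193424 cached ns selftest.av8.net. selftest1.av8.net.
@40000000452be5861f82ac5c.s:@40000000452be56a161b5ed4 cached 1 selftest1.av8.net.
@40000000452be5861f82ac5c.s:@40000000452be56a161e0684 tx 0 1 asdf.selftest.av8.net. selftest.av8.net. 7f000001
@40000000452be5861f82ac5c.s:@40000000452be56a161e0685 tx 0 12 1.1.168.192.in-addr.arpa. in-addr.arpa. c0000401
@40000000452be5861f82ac5c.s:@40000000452be570179f18a4 servfail asdf.selftest.av8.net. input/output error
@40000000452be5861f82ac5c.s:@40000000452be575183810cc servfail asdf.selftest.av8.net. input/output error
"""

# Reverse zones for RFC 1918 space; a query for any of these reaching the
# public tree is the misconfiguration discussed in the thread.
_PRIVATE_REVERSE = (
    re.compile(r"(?:^|\.)10\.in-addr\.arpa\.$"),
    re.compile(r"(?:^|\.)(?:1[6-9]|2\d|3[01])\.172\.in-addr\.arpa\.$"),
    re.compile(r"(?:^|\.)168\.192\.in-addr\.arpa\.$"),
)


def hex_to_ip(h):
    """Convert dnscache's 8-hex-digit IPv4 notation to dotted quad."""
    if len(h) != 8:
        raise ValueError(f"not an 8-hex-digit address: {h!r}")
    return ".".join(str(int(h[i:i + 2], 16)) for i in range(0, 8, 2))


def parse_record(line):
    """Return (timestamp, record_type, fields) for one log line, or None.

    The first token may carry a "file-name:" prefix as in the quoted
    output; only the part after the last ':' is the tai64n stamp.
    """
    tokens = line.split()
    if len(tokens) < 2:
        return None
    stamp = tokens[0].rsplit(":", 1)[-1]
    return stamp, tokens[1], tokens[2:]


def is_private_reverse(name):
    """True if name lies under a reverse zone for RFC 1918 space."""
    return any(p.search(name) for p in _PRIVATE_REVERSE)


def analyze(log_text):
    """Return a list of (kind, name, detail) findings for the log text."""
    findings = []
    sent_to_loopback = set()
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None:
            continue
        _stamp, kind, fields = rec
        if kind == "query" and len(fields) >= 4:
            # query <serial> <client-ip:port:id> <qtype> <name>
            name = fields[3]
            if is_private_reverse(name):
                client = hex_to_ip(fields[1].split(":")[0])
                findings.append(("private-reverse-query", name, f"client {client}"))
        elif kind == "tx" and len(fields) >= 5:
            # tx <gluelessness> <qtype> <name> <control> <server-ip>...
            name = fields[2]
            loop = [hex_to_ip(h) for h in fields[4:] if hex_to_ip(h).startswith("127.")]
            if loop:
                sent_to_loopback.add(name)
                findings.append(("recursion-to-self", name, "sent to " + ",".join(loop)))
        elif kind == "servfail" and fields:
            # servfail <name> <reason...>; only interesting after a loopback tx
            name = fields[0]
            if name in sent_to_loopback:
                findings.append(("servfail-after-loopback", name, " ".join(fields[1:])))
    return findings


if __name__ == "__main__":
    for kind, name, detail in analyze(SAMPLE_LOG):
        print(f"{kind:24s} {name:32s} {detail}")
```

Run against a real dnscache log with `python3 detect.py < /path/to/current` after replacing SAMPLE_LOG with `sys.stdin.read()`; the loopback check is what makes the delegation-to-127.0.0.1 case stand out, while the RFC 1918 check catches the same misconfiguration even on a cache whose queries are absorbed silently by AS112.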


dnsop resources:_____________________________________________________
web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html
mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
