
Re: DNS Qname minimisation



On Mon, Mar 28, 2016, at 21:30, Florian Weimer wrote:
> * Henrique de Moraes Holschuh:
> 
> > On the CDN side, Akamai were warned that their authoritative servers
> > were broken and would interfere with Qname minimization in February
> > 2015[1], and it is still not fixed.  It is the same bad behavior that
> > happened to ECN
> 
> It is similar to ECN indeed.  In both cases, people changed the
> specification, and complained loudly when their changes are
> incompatible with the installation base.

Not sure if that's the case. I think that Akamai implementation is just
broken and needs to be fixed. We'll push Akamai to fix that now that RFC
7816 is out.

I completely don't agree with "NAT for DNS", on the contrary, the QNAME
minimization is transparent for end clients and can be deployed
gradually as resolvers add support for that.

As for the deep-chains -> some .arpa optimizations probably should land
in the code, but I would point out, that you are mostly ignoring the
caching behaviour of DNS, that would cause QNAME minimization to burst
more queries in the beginning, but after the cache is hot, it won't
(shouldn't have) much operational impact. The more harm is usually done
by TTL < #smallnumberofseconds.

O.
-- 
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
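
The cold-cache burst and the short-TTL effect described in the message above, as an added toy model that is not part of the original post and not code from any resolver. It assumes one upstream query per label step, a single TTL for every cached answer, and constructed names under 2001:db8::/32.

```python
class MinimisingResolver:
    """Toy QNAME-minimising resolver: counts queries that leave the cache."""

    def __init__(self, ttl):
        self.ttl = ttl
        self.cache = {}      # (qname, qtype) -> expiry time in seconds
        self.upstream = 0    # queries sent to authoritative servers

    def _ask(self, qname, qtype, now):
        key = (qname, qtype)
        if self.cache.get(key, 0) > now:
            return           # cache hit, nothing is sent upstream
        self.upstream += 1
        self.cache[key] = now + self.ttl

    def resolve(self, name, qtype, now):
        """Return how many upstream queries this resolution cost."""
        before = self.upstream
        labels = name.rstrip(".").split(".")
        # Expose one more label per step, asking only for NS ...
        for i in range(len(labels) - 1, 0, -1):
            self._ask(".".join(labels[i:]) + ".", "NS", now)
        # ... and send the full name with the real QTYPE last.
        self._ask(name, qtype, now)
        return self.upstream - before


def reverse_v6(nibbles):
    """Build an ip6.arpa name from 32 hex nibbles given in address order."""
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def demo(ttl):
    r = MinimisingResolver(ttl)
    # Constructed sample addresses: 2001:db8::1 and 2001:db8::2
    host_a = reverse_v6("20010db8" + "0" * 23 + "1")
    host_b = reverse_v6("20010db8" + "0" * 23 + "2")
    cold = r.resolve(host_a, "PTR", now=0)      # empty cache
    sibling = r.resolve(host_b, "PTR", now=1)   # differs in leftmost label only
    repeat = r.resolve(host_a, "PTR", now=2)    # same name again
    later = r.resolve(host_a, "PTR", now=60)    # one minute later
    return cold, sibling, repeat, later


if __name__ == "__main__":
    print("TTL 3600s:", demo(3600))
    print("TTL 5s:   ", demo(5))
```

With a long TTL only the first lookup pays the per-label cost; with a 5-second TTL the whole chain is walked again a minute later.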

