Evan,

At 2016-04-12 00:01:20 +0000
Evan Hunt <e...@isc.org> wrote:

> On Mon, Apr 11, 2016 at 09:13:42PM +0000, Adrien de Croy wrote:
> > If we simply added a new QTYPE which permitted a server to respond with
> > all matching A and AAAA records then that would solve a lot of problems.
>
> As far as I've seen, all of these suggestions share the same problem:
> No matter how the multiple-QTYPE query is implemented, EDNS option or
> meta-type or whatever, you can't know in advance whether an authoritative
> server will support it, and you won't want to waste a whole RTT waiting to
> find out, so you're going to send simultaneous A and AAAA queries *anyway*.
>
> So, unless I'm missing something (certainly more than possible), I don't
> see server workloads or client latency being significantly reduced by the
> deployment of a mechanism like this.
>
> I agree it's a sensible idea to combine queries when possible, and I wish
> a meta-type of the sort you describe had been included when the DNS was
> designed originally. But at this point, if we want to change the way
> lookups work, the early adopters need to see a real benefit. At this
> point, I mostly only see costs.

There are two or three answers for this concern.

The first is that the main driver that *I* see is in the stub to
recursive scenario. As we know, recursive resolvers are the only
servers today that are currently suffering any kind of serious load
(excepting of course attack traffic). A stub resolver can send a single
probe query to each recursive resolver that it knows about and then use
that for follow-up queries (with periodic re-checks, etc, etc.). This
won't affect latency much, but it will cut the number of queries
significantly. This is a HUGE WIN. It has the potential to remove
almost half of the queries that recursive resolvers have to answer.
Half!

The second answer is that this capability will have to be one more bit
of data about authority servers that recursive resolvers have to track.
If they do so, then it is a big win for authoritative servers that are
authoritative for lots of zones. So my old employer, Dyn, which hosts
hundreds of thousands (or maybe millions) of zones on only a handful of
servers would have reduced traffic and load as would any resolver
sending it queries. Whether this is actually true can really only be
solved by measurement. I should get off my lazy butt and make some
instrumented resolver code for this kind of thing... :(

A third answer which falls outside of any of the current proposals is
that there should be a way to document what the capabilities of an
authority server are explicitly. If only there was a way to store
meta-data about hosts in some sort of distributed database... ;)

Cheers,

--
Shane
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop