I like the Extended Error Code using EDNS idea. This was effectively what was done with TSIG and TKEY that have an expanded Error field inside the RR. However:
>> I don't see any reason for the complex two-dimensional table to new error codes. Given that 16 bits is available for "INFO-CODE" (which I think, to follow the DNS nomenclature used in TSIG and TKEY, should just be called "Error"), I don't see why these extended error codes, which provide more detail beyond the top level Error code value, can't be from the single unified DNS error code table. That way, wherever you get a DNS Error code (from RCODE or the EDNS extended error field or the TSIG or TKEY error fields or wherever, there is just one table to look it up in. For example, you could Reserve 4096 through 8191 for this purpose, which is probably enough values :-) >> Since RCODEs are 4 bits, I don't see why a 16-bit RESPONSE-CODE field is required. Even if you want to be able to provide additional information for the 12-bit error codes of RCODE as extended by base EDNS, there is still enough room in the previous 16-bit word which has 15 unused bits in it. Just move the RESPONSE-CODE up into the previous word. Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 1424 Pro Shop Court, Davenport, FL 33896 USA d3e...@gmail.com On Tue, Oct 30, 2018 at 1:42 PM Paul Vixie <p...@redbarn.org> wrote: > > > > Ray Bellis wrote: > .... > > FWIW, I really wish in retrospect that EDNS(0) had defined the extra > > rcode bits as being for a _sub-type_ of the primary RCODE, i.e. SERVFAIL > > is always "2" in those four bits in the main header, with the extended > > field in the EDNS response allowing for more detail (c.f. this draft). > > > > Unfortunately with the newer RCODEs just being assigned contigiously > > from 16 onwards that's no longer possible :( > > it was never possible -- we needed more rcodes, even though we now know > we also need more detail on existing rcodes. > > -- > P Vixie > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop