Mark, Stephane, and I have had several discussions about greasing this week, and I thought I'd share some of this on the list, while folks are paying more attention to IETF121.
The greasing draft currently only talks about greasing initiated by the resolver or querier. During the hackathon, we have started looking at greasing the other way -- from DNS responders (e.g. authoritative servers). This seems potentially a bit more fraught, since the authoritative server cannot necessarily know what the result of the greasing action was: did the querier accept the answer with no problems, did it not accept it and retry other servers, did it not not accept it and just fail, causing a denial of service to the downstream application, etc. But we think it is probably an area worth exploring, and would like to treat this topic in the draft. I've also realized that earlier this year, Roy Arends and I have already done a form of responder side greasing as part of our early DELEG tests (having authority servers insert an unexpected new RRtype in referral responses). Some things a responder could do include: test setting the final DNS header flag (Z), send back unknown EDNS header flags, options. higher EDNS versions etc. All of these should in theory be ignored on reception. Stephane has also proposed that perhaps auth servers could do greasing only if they see greasing bits from queriers (which may be a bit safer?). Here is his proposed text: --- Authoritative name servers ******************************* Greasing MAY be used by authoritative name servers when they reply to queries. They MAY use it with EDNS flags, EDNS versions [TODO: see the question "Need some help in interpreting EDNS version negotiation" on dnsop] and EDNS option codes. Unlike the resolvers, the authoritative name servers do not have an easy way to detect that a reply with greasing caused problems. If a DNS requestor cannot handle greased replies, it should try with another name server of the zone but we cannot be sure they will all try that. And the other name servers may have the same greasing, and trigger the same issues. Managers of a zone may perform active measurements to know if their zone works well with greasing, or to rely on reports by users. Therefore, greasing by the authoritative name server MUST be disabled by default. To increase the probability of successful DNS resolution, greasing SHOULD be at random (see section 6 "Sampled Selection of Traffic").
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
