Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Hi, The WGLC resulted in some good discussion of (mostly) small improvements to the text, which the authors are responding to. The chairs will be discussing advancement of this document in our next meeting. Thanks to everyone who commented. Suzanne for the chairs > On Apr 18, 2021, at 7:17

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

John Kristoff wrote: > > However, I think we'd be reluctant to say much about minimal-answers > here in a context that suggests it is some sort of DDoS mitigation > mechanism and that you need it because... "TCP". Maybe there is some > adjustments to the text somewhere that can help highlight tha

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

On Thu, 22 Apr 2021 20:23:19 +0100 Tony Finch wrote: > I needed minimal-any when my auth servers were being hammered by lots of > recursive servers making ANY requests; the responses were being truncated > because my servers have for a long time been configured to avoid > fragmentation, and the r

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Hi, Thanks for the quick response. See below. On Fri, Apr 23, 2021 at 1:36 PM Wessels, Duane wrote: > > > On Apr 22, 2021, at 11:50 AM, Donald Eastlake wrote: > > > > Hi, > > > > This is a good document and I support publication. > > > > However, I do have some comments. I scanned the Last Call

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

> On Apr 22, 2021, at 11:50 AM, Donald Eastlake wrote: > > > Hi, > > This is a good document and I support publication. > > However, I do have some comments. I scanned the Last Call comments by > others, and they mostly seem like improvements, but some of my > comments below may duplicate ot

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Wessels, Duane wrote: > Thanks for looking through my suggestions! All the changes look good. A few follow-up points: > Oops, correcting myself here. It needs to be RFC 2541 because that is the > one that mentions TCP. Aha, that makes sense > > 2.4: > > > > Last 2 paragraph s re. avoiding fra

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Hi, This is a good document and I support publication. However, I do have some comments. I scanned the Last Call comments by others, and they mostly seem like improvements, but some of my comments below may duplicate others for which I apologize in advance. Section 3, last paragraph: Cut out wi

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

> On Apr 21, 2021, at 4:39 PM, Wessels, Duane > wrote: > >> 2.2: >> >> DNSSEC originally specified in [RFC2541] >> >> I thought this should be RFC 2535 rather than the operational guidelines? > > Sure, 2535 works for me. > Oops, correcting myself here. It needs to be RFC 2541 because th

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

On Wed, 2021-04-21 at 23:47 +, Wessels, Duane wrote: > > application. Applications must be coded and configured to make use > > of this filter. > > > > While it's good to point out that this feature exists, I do not think > > mandating it makes sense - implementers and operators might hav

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

> On Apr 19, 2021, at 9:34 AM, Peter van Dijk > wrote: > >> This message starts the Working Group Last Call for >> draft-ietf-dnsop-tcp-requirements >> (https://secure-web.cisco.com/1GUztR-Nd5B-MpjncjmDNOnqlKoeK5-09UeTvbL1dFyQqc0x3GpwWIzNUMvS9B4MsWztiWQY9T4fEg5m6LLL1pIw6mIP3Glh5Dv0eS5QuBH0_E

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

> On Apr 19, 2021, at 8:45 AM, Tony Finch wrote: > > Suzanne Woolf wrote: >> >> This message starts the Working Group Last Call for >> draft-ietf-dnsop-tcp-requirements > > I have read the draft and I am keen to see it published. Just the other > day I was having a discussion about whether T

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

> On Apr 19, 2021, at 4:31 AM, Joe Abley wrote: > > > Hi Suz, > > On 18 Apr 2021, at 19:17, Suzanne Woolf wrote: > >> This message starts the Working Group Last Call for >> draft-ietf-dnsop-tcp-requirements >> (https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-tcp-requirements/) > >

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

(no hats on) I've read this, and I agree it should move forward. Should there be a reference to RFC8499 in here as well? (with chairs hat on) Mr Finch made some editorial nits that I concur with. I also ran the Nits tool and found several outdated references, among other things. I've requested

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

On Sun, Apr 18, 2021 at 4:17 PM Suzanne Woolf wrote: > Dear colleagues, > > > This message starts the Working Group Last Call > for draft-ietf-dnsop-tcp-requirements ( > https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-tcp-requirements/) > > Since this draft has not been recently discussed i

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

On 19 Apr 2021, at 12:40, Peter van Dijk wrote: > This note on statelessness is good, but I don't think it should be tied to > IPv6. Packets get lost in IPv4 too, especially when they are big, and even if > such evens trigger a report in the form of an ICMP message, the same > lack-of-state pr

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

On Mon, 2021-04-19 at 07:31 -0400, Joe Abley wrote: > NEW: > >For IPv4-connected hosts, the MTU is often the Ethernet payload >size of 1500 bytes. This means that the largest unfragmented >UDP DNS message that can be sent over IPv4 is likely 1472 bytes, >although tunnel encapsulat

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

> This message starts the Working Group Last Call for > draft-ietf-dnsop-tcp-requirements > (https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-tcp-requirements/) This is a good document. One comment here: The FreeBSD, OpenBSD, and NetBSD operating systems have an "accept filter" fe

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Suzanne Woolf wrote: > > This message starts the Working Group Last Call for > draft-ietf-dnsop-tcp-requirements I have read the draft and I am keen to see it published. Just the other day I was having a discussion about whether TCP support is really needed, and I wanted something stronger than R

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

On 18 Apr 2021, at 19:17, Suzanne Woolf wrote: > We’d like to advance this but it needs some active support, so we need to > hear from folks who have found it useful, especially implementers. I didn't mention explicitly before, sorry, but I think this is a good document, it's useful and it sho

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Hi John, On 19 Apr 2021, at 07:57, John Kristoff wrote: > On Mon, 19 Apr 2021 07:31:49 -0400 > Joe Abley wrote: > >> NEW: >> >> The specification of the DNS allows both UDP and TCP to be used >> as transport protocols for exchanging unencrypted DNS messages. >> However, for various rea

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

On Mon, 19 Apr 2021 07:31:49 -0400 Joe Abley wrote: > NEW: > >The specification of the DNS allows both UDP and TCP to be used >as transport protocols for exchanging unencrypted DNS messages. >However, for various reasons, the availability of TCP transport >has sometimes been int

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Hi Suz, On 18 Apr 2021, at 19:17, Suzanne Woolf wrote: > This message starts the Working Group Last Call for > draft-ietf-dnsop-tcp-requirements > (https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-tcp-requirements/ >

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

It's time to ship. I mean sure, if somebody who does detailed reading has a killer problem I can see we'd talk it out but we're 7 revisions in, its 4 years later, and it seems rational to document the expectation this is modern DNS, and we do TCP as a MUST SUPPORT, Auth and recursive. Its overdue.

[DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Dear colleagues, This message starts the Working Group Last Call for draft-ietf-dnsop-tcp-requirements (https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-tcp-requirements/ ) Since this draft has not been recently dis

Re: [DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Hi, I was reminded off-list that Warren is not in fact an author on this document— apologies for a bad cut-and-paste from the last WGLC I ran. Warren is handling tcp-requirements as our AD, as usual. Best, Suzanne (My mistake alone, co-chairs are blame-free!) > On Jan 12, 2020, at 12:38 PM, S

[DNSOP] WGLC for draft-ietf-dnsop-tcp-requirements

Dear colleagues, This message starts the Working Group Last Call for draft-ietf-dnsop-tcp-requirements (https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-tcp-requirements/ ) Since this draft has not been recently dis