On Fri, Mar 23, 2018 at 06:32:07PM +0000, Ondřej Surý wrote:
> What’s so wrong with using TYPExxx for these if you absolutely need them to run
> the ancient technology while at the same time running the latest version of
> BIND (or your favorite DNS server)?
>
> Your argument feels like a strawman to me. And I am not the one sitting on a
> pile of passive DNS data, so I can’t pull the numbers...
>
> We are not taking away the ability to put random TYPEnnn records into the zone, we
> are just saying the tools just won’t understand them anymore. Again nothing
> is going to break on day one.

Ondrej,

I think the issue here is that just because it's not commonly seen on the
public internet doesn't mean it's not used. We don't use DHCP to configure
p2p links on routers; this doesn't mean that DHCP can go away, it's used
elsewhere.

I think what Paul is trying to point out is the same thing: some enterprises
may still be using it internally. Just because we don't use the RR type in
isc.org, nether.net, akamai.com doesn't mean nobody is using it for their
internal networks.

We should attempt to determine who may be using it. This can be done by
logging or a survey of folks doing slave zones, etc.

ISC/BIND can and perhaps should implement logging for these rrtypes that say
they may be going away, so folks can see the impact. ISC/BIND also has a
history of doing this with the warn & fail directives in the named.conf file,
which would be a great way to expose these types of items.

check-old-rrtype (warn|fail|ignore)

or something similar would be useful to an actual operator.

Here's some data on rrtypes seen in my nameserver.

- Jared

server0.queries=109159256
server1.queries=100199925
num.queries=209359181
num.type.TYPE0=27
num.type.A=98905962
num.type.NS=3428038
num.type.MD=0
num.type.MF=0
num.type.CNAME=949771
num.type.SOA=807788
num.type.MB=0
num.type.MG=0
num.type.MR=0
num.type.NULL=28
num.type.WKS=0
num.type.PTR=8847792
num.type.HINFO=1178
num.type.MINFO=0
num.type.MX=4110956
num.type.TXT=1164968
num.type.RP=0
num.type.AFSDB=2018
num.type.X25=0
num.type.ISDN=0
num.type.RT=0
num.type.NSAP=0
num.type.SIG=0
num.type.KEY=0
num.type.PX=0
num.type.AAAA=64526576
num.type.LOC=2288
num.type.NXT=780
num.type.TYPE31=108
num.type.SRV=2194823
num.type.NAPTR=18707
num.type.KX=0
num.type.CERT=6
num.type.TYPE38=238830
num.type.DNAME=9
num.type.OPT=0
num.type.APL=0
num.type.DS=177999
num.type.SSHFP=4846
num.type.IPSECKEY=0
num.type.RRSIG=20178
num.type.NSEC=281
num.type.DNSKEY=2261055
num.type.DHCID=0
num.type.NSEC3=0
num.type.NSEC3PARAM=2596
num.type.TLSA=22176
num.type.TYPE53=8
num.type.CDS=2267
num.type.CDNSKEY=2027
num.type.OPENPGPKEY=0
num.type.CSYNC=0
num.type.TYPE65=2
num.type.TYPE92=9
num.type.SPF=109981
num.type.NID=0
num.type.L32=0
num.type.L64=0
num.type.LP=0
num.type.EUI48=0
num.type.EUI64=0
num.type.TYPE127=5
num.type.TYPE143=1
num.type.TYPE165=1
num.type.TYPE191=335
num.type.TYPE222=3
num.type.TYPE223=27
num.type.TYPE239=29
num.type.TYPE240=2
num.type.TYPE243=2
num.type.TYPE246=1
num.type.TYPE247=41
num.type.TYPE251=26458
num.type.TYPE252=3312
num.type.TYPE253=42
num.type.TYPE254=29
num.type.TYPE255=21357118
num.opcode.QUERY=209248548
num.opcode.NOTIFY=80330
num.class.IN=209324746
num.class.CH=4132
num.rcode.NOERROR=138257521
num.rcode.FORMERR=417
num.rcode.SERVFAIL=132820
num.rcode.NXDOMAIN=25011450
num.rcode.NOTIMP=56046
num.rcode.REFUSED=36625841
num.rcode.YXDOMAIN=0
num.rcode.NOTAUTH=4
num.edns=189357953
num.ednserr=307
num.udp=171926848
num.udp6=28159814
num.tcp=9107734
num.tcp6=164785
num.answer_wo_aa=703271
num.rxerr=0
num.txerr=6
num.raxfr=54
num.truncated=12595885
num.dropped=2592
zone.master=70
zone.slave=9350

-- 
Jared Mauch  | pgp key available via finger from ja...@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.
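
Added example (not part of the original message, and not BIND or any other server's own code): one way to run the usage survey the message asks for over counters in the format quoted above, reporting which watched rrtypes were actually queried. The watch list and all function names are assumptions made here; check_old_rrtype() is only a report-side analogue of the warn|fail|ignore idea, not an existing named.conf directive.

```python
import re

# Excerpt of the counters quoted in the message above (same values).
SAMPLE = """\
num.queries=209359181
num.type.A=98905962
num.type.MD=0
num.type.NULL=28
num.type.WKS=0
num.type.HINFO=1178
num.type.AFSDB=2018
num.type.X25=0
num.type.TYPE251=26458
"""

# Assumption: an operator-chosen watch list, not taken from any draft.
WATCH = frozenset({"MD", "MF", "MB", "MG", "MR", "NULL", "WKS", "HINFO",
                   "MINFO", "X25", "ISDN", "RT", "NSAP", "AFSDB"})

_TYPE = re.compile(r"^num\.type\.([A-Za-z0-9]+)=(\d+)$")
_TOTAL = re.compile(r"^num\.queries=(\d+)$")


def parse_counters(text):
    """Return (total_queries, {rrtype: count}); unrelated lines are skipped."""
    total, counts = None, {}
    for line in text.splitlines():
        line = line.strip()
        if m := _TYPE.match(line):
            counts[m.group(1).upper()] = int(m.group(2))
        elif m := _TOTAL.match(line):
            total = int(m.group(1))
    return total, counts


def watched_in_use(text, watch=WATCH):
    """Watched types that were actually queried: [(rrtype, count, share)]."""
    total, counts = parse_counters(text)
    total = total or sum(counts.values()) or 1  # avoid dividing by zero
    hits = [(t, n, n / total) for t, n in counts.items() if t in watch and n]
    return sorted(hits, key=lambda h: h[1], reverse=True)


def check_old_rrtype(text, mode="warn", watch=WATCH):
    """Report-side analogue of warn|fail|ignore: return (ok, messages)."""
    if mode not in ("warn", "fail", "ignore"):
        raise ValueError(f"unknown mode: {mode}")
    if mode == "ignore":
        return True, []
    msgs = [f"{t}: {n} queries ({share:.6%} of total)"
            for t, n, share in watched_in_use(text, watch)]
    return (mode == "warn" or not msgs), msgs
```

Counters of this kind only show queries that reached this one server, so a zero here does not show the type is unused in zones held elsewhere.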