Ted Lemon <mel...@fugue.com> writes:

> On 15 Aug 2017, at 15:38, Toke Høiland-Jørgensen <t...@toke.dk> wrote:
>>> I think we are wandering off into nonsense territory here. Have you
>>> observed this sort of problem in the field? If so, can you describe
>>> what happened? If not, why would we optimize for it?
>>
>> If you consider flaky ISP DNS servers to be "nonsense" you are clearly
>> more fortunate with your ISPs than me. And that's before even going into
>> the DNS censorship issue; in my part of the world ISP DNS servers are
>> broken *by design*.
>
> In both of these cases, you are better off doing what we discussed
> earlier and setting up your own DNS cache, possibly with a whitelist
> for domains you want to send to the ISP forwarder.

Sure, and that's what I usually do. But if we can't specify that
behaviour for homenet, at least trying all upstream DNS servers gives a
better chance of finding one that works.

>>>> Right, so if this is the case, how about we specify that routers MAY (or
>>>> maybe even SHOULD) support MPvD-specific resolver addresses, and
>>>> advertise the fact over HNCP. And that if a router receives such an
>>>> announcement from another router it MUST announce the MPvD-specific
>>>> resolver addresses over DHCP/RA. This way we ensure that *if* a router
>>>> on the network implements MPvD it is going to work for the whole
>>>> network; but routers can still opt to not implement the functionality
>>>> itself if the implementer doesn't want to pay the implementation cost.
>>>
>>> Can you describe for us what this implementation cost is that you want
>>> to avoid?
>>
>> Can you describe for us how multiplying the number of resolvers by N (or
>> MxN if we follow your suggestion of running a full set of resolvers on
>> every router) is *not* going to incur a significant implementation and
>> debuggability cost?
>
> It's just a bunch of ports/address pairs, with one thing listening on
> all of them, and using the port/address pair as a behavioral selector.
> I'm not going to say that it's zero effort, but it's not hard.
> Honestly, every home router right now has some kind of DNS proxy or
> DNS resolver in it; this is not a big change. Compared to, say,
> implementing HNCP or DNSSD, it's utterly trivial.

You may be right that hacking up a working prototype isn't that hard.
But the failure modes change from "the internet is down" or maybe "I
cannot access site A", to "site A is working every third attempt, except
it is entirely broken on device X" maybe even with an added "ah, but it
works on device X if I go into the kitchen".

Hmm, while writing this it occurred to me that it might make sense to
just export the ISP DNS server(s) directly in the MPvD-only RAs?

-Toke