subject:"\[DNSOP\] \[Ext\] Implementor's status on draft\-ietf\-dnsop\-avoid\-fragmentation\: BIND 9"

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-03-06 Thread Warren Kumari

Hello authors, chairs and WG,

I was wondering when we'd see an updated version of this document?
The IETF 116 "Internet-Draft submission cut-off" is 2023-03-13 (7 days from
now) - https://datatracker.ietf.org/meeting/116/important-dates/

I think that the requested changes were not particularly major, so
hopefully this can happen soon…


W


On Tue, Jan 24, 2023 at 11:26 AM, Warren Kumari  wrote:

> Hi all,
>
> Thank you to the authors, chairs and WG for wanting to make the document
> as good as it can be, even if that does require some more work.
>
> The chairs have requested that I return it to the WG to get an
> implementation section added, and so I'll do so[0].
>
> Thanks again,
> W
>
> [0]: I'll keep the ballot text, cliffsnotes summary, review notes, etc all
> squirreled away somewhere so that it's easier and faster to progress when
> it returns to me / whoever the next OpsAD is...
>
>
>
>
> On Tue, Jan 24, 2023 at 9:46 AM, Tim Wicinski  wrote:
>
>> The chairs thank all for this feedback, even at this stage.  But it's
>> better to catch these issues now, than
>> later on in the process.
>>
>>
>> On Fri, Jan 20, 2023 at 3:52 PM Ondřej Surý  wrote:
>>
>>> I am indifferent about what label we stick on this, but perhaps the
>>> document should have a section on implementations?
>>>
>>> However, I do feel that the Security Considerations is missing on the
>>> risks of dropping packets, ICMP filtering and dangers of PMTUD.
>>>
>>> Also it feels weird to me that the IP_PMTUDISC_OMIT is used by: BIND 9,
>>> NSD, Unbound, Knot DNS and PowerDNS, but neither the fact nor the reasoning
>>> behind the option is ever mentioned here.
>>>
>>> Hence, I think the Implementors section should be added to the document.
>>
>>
>> an Implementation Section would be useful and generally they appear as an
>> Appendix.
>>
>> Ondrej, if you could suggest some text with what ISC will implement,
>> along with any reasoning, that would be a great start.
>>
>> tim
>>
>> ___
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop
>>
>
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-24 Thread Tim Wicinski

On Tue, Jan 24, 2023 at 12:07 PM Ondřej Surý  wrote:

> Tim,
>
> I think I’ve just did that in the previous email. I feel that gathering
> information about more implementations first would be better, so the
> section on Implementation could be uniform for all gathered input.
>
> Ondrej
>

I agree, and will take your initial email as such.

tim

> --
> Ondřej Surý — ISC (He/Him)
>
> My working hours and your working hours may be different. Please do not
> feel obligated to reply outside your normal working hours.
>
> On 24. 1. 2023, at 15:47, Tim Wicinski  wrote:
>
> 
> The chairs thank all for this feedback, even at this stage.  But it's
> better to catch these issues now, than
> later on in the process.
>
>
> On Fri, Jan 20, 2023 at 3:52 PM Ondřej Surý  wrote:
>
>> I am indifferent about what label we stick on this, but perhaps the
>> document should have a section on implementations?
>>
>> However, I do feel that the Security Considerations is missing on the
>> risks of dropping packets, ICMP filtering and dangers of PMTUD.
>>
>> Also it feels weird to me that the IP_PMTUDISC_OMIT is used by: BIND 9,
>> NSD, Unbound, Knot DNS and PowerDNS, but neither the fact nor the reasoning
>> behind the option is ever mentioned here.
>>
>> Hence, I think the Implementors section should be added to the document.
>
>
> an Implementation Section would be useful and generally they appear as an
> Appendix.
>
> Ondrej, if you could suggest some text with what ISC will implement, along
> with any reasoning, that would be a great start.
>
> tim
>
>
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-24 Thread Ondřej Surý

Tim,I think I’ve just did that in the previous email. I feel that gathering information about more implementations first would be better, so the section on Implementation could be uniform for all gathered input.Ondrej--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.On 24. 1. 2023, at 15:47, Tim Wicinski  wrote:The chairs thank all for this feedback, even at this stage.  But it's better to catch these issues now, than later on in the process. On Fri, Jan 20, 2023 at 3:52 PM Ondřej Surý  wrote:I am indifferent about what label we stick on this, but perhaps the document should have a section on implementations?

However, I do feel that the Security Considerations is missing on the risks of dropping packets, ICMP filtering and dangers of PMTUD.

Also it feels weird to me that the IP_PMTUDISC_OMIT is used by: BIND 9, NSD, Unbound, Knot DNS and PowerDNS, but neither the fact nor the reasoning behind the option is ever mentioned here.

Hence, I think the Implementors section should be added to the document.an Implementation Section would be useful and generally they appear as an Appendix. Ondrej, if you could suggest some text with what ISC will implement, along with any reasoning, that would be a great start.tim
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-24 Thread Tim Wicinski

Thanks Warren!

As we discussed, it appears I felt all comments had been addressed, but
missed some nuances.
In the next few days I'll reach out to these folks to help me suggest some
text on
adding an Implementations Section, but also making sure we've addressed all
comments.
My guess is we'll do another WGLC but let's not go there yet.

thanks for your patience
tim


On Tue, Jan 24, 2023 at 11:26 AM Warren Kumari  wrote:

> Hi all,
>
> Thank you to the authors, chairs and WG for wanting to make the document
> as good as it can be, even if that does require some more work.
>
> The chairs have requested that I return it to the WG to get an
> implementation section added, and so I'll do so[0].
>
> Thanks again,
> W
>
> [0]: I'll keep the ballot text, cliffsnotes summary, review notes, etc all
> squirreled away somewhere so that it's easier and faster to progress when
> it returns to me / whoever the next OpsAD is...
>
>
> On Tue, Jan 24, 2023 at 9:46 AM, Tim Wicinski  wrote:
>
>> The chairs thank all for this feedback, even at this stage.  But it's
>> better to catch these issues now, than
>> later on in the process.
>>
>>
>> On Fri, Jan 20, 2023 at 3:52 PM Ondřej Surý  wrote:
>>
>>> I am indifferent about what label we stick on this, but perhaps the
>>> document should have a section on implementations?
>>>
>>> However, I do feel that the Security Considerations is missing on the
>>> risks of dropping packets, ICMP filtering and dangers of PMTUD.
>>>
>>> Also it feels weird to me that the IP_PMTUDISC_OMIT is used by: BIND 9,
>>> NSD, Unbound, Knot DNS and PowerDNS, but neither the fact nor the reasoning
>>> behind the option is ever mentioned here.
>>>
>>> Hence, I think the Implementors section should be added to the document.
>>
>>
>> an Implementation Section would be useful and generally they appear as an
>> Appendix.
>>
>> Ondrej, if you could suggest some text with what ISC will implement,
>> along with any reasoning, that would be a great start.
>>
>> tim
>>
>> ___
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop
>>
>
>
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-24 Thread Warren Kumari

Hi all,

Thank you to the authors, chairs and WG for wanting to make the document as
good as it can be, even if that does require some more work.

The chairs have requested that I return it to the WG to get an
implementation section added, and so I'll do so[0].

Thanks again,
W

[0]: I'll keep the ballot text, cliffsnotes summary, review notes, etc all
squirreled away somewhere so that it's easier and faster to progress when
it returns to me / whoever the next OpsAD is...

On Tue, Jan 24, 2023 at 9:46 AM, Tim Wicinski  wrote:

> The chairs thank all for this feedback, even at this stage.  But it's
> better to catch these issues now, than
> later on in the process.
>
>
> On Fri, Jan 20, 2023 at 3:52 PM Ondřej Surý  wrote:
>
> I am indifferent about what label we stick on this, but perhaps the
> document should have a section on implementations?
>
> However, I do feel that the Security Considerations is missing on the
> risks of dropping packets, ICMP filtering and dangers of PMTUD.
>
> Also it feels weird to me that the IP_PMTUDISC_OMIT is used by: BIND 9,
> NSD, Unbound, Knot DNS and PowerDNS, but neither the fact nor the reasoning
> behind the option is ever mentioned here.
>
> Hence, I think the Implementors section should be added to the document.
>
>
> an Implementation Section would be useful and generally they appear as an
> Appendix.
>
> Ondrej, if you could suggest some text with what ISC will implement, along
> with any reasoning, that would be a great start.
>
> tim
>
> ___
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-24 Thread Tim Wicinski

The chairs thank all for this feedback, even at this stage.  But it's
better to catch these issues now, than
later on in the process.

On Fri, Jan 20, 2023 at 3:52 PM Ondřej Surý  wrote:

> I am indifferent about what label we stick on this, but perhaps the
> document should have a section on implementations?
>
> However, I do feel that the Security Considerations is missing on the
> risks of dropping packets, ICMP filtering and dangers of PMTUD.
>
> Also it feels weird to me that the IP_PMTUDISC_OMIT is used by: BIND 9,
> NSD, Unbound, Knot DNS and PowerDNS, but neither the fact nor the reasoning
> behind the option is ever mentioned here.
>
> Hence, I think the Implementors section should be added to the document.

an Implementation Section would be useful and generally they appear as an
Appendix.

Ondrej, if you could suggest some text with what ISC will implement, along
with any reasoning, that would be a great start.

tim
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-20 Thread Ondřej Surý

I am indifferent about what label we stick on this, but perhaps the document 
should have a section on implementations?

However, I do feel that the Security Considerations is missing on the risks of 
dropping packets, ICMP filtering and dangers of PMTUD.

Also it feels weird to me that the IP_PMTUDISC_OMIT is used by: BIND 9, NSD, 
Unbound, Knot DNS and PowerDNS, but neither the fact nor the reasoning behind 
the option is ever mentioned here.

Hence, I think the Implementors section should be added to the document. 

Ondrej
--
Ondřej Surý — ISC (He/Him)

My working hours and your working hours may be different. Please do not feel 
obligated to reply outside your normal working hours.

> On 20. 1. 2023, at 16:20, Paul Hoffman  wrote:
> 
> Given the long list of things in this document that ISC has thought about 
> and actively decided not to do, is it a good idea that we call it a "best 
> current practice"?
> 
> --Paul Hoffman
> 
> ___
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-20 Thread Paul Vixie

On Fri Jan 20, 2023 at 6:53 PM UTC, Paul Wouters wrote:
> It seems there should be more discussion which hopefully would lead to
> a converging BCP before moving forward. Hearing from other main
> implementations would be extremely helpful here.

i have always been a fan of ISC's work, but i agree with two implications
of the above observation. first, as stated, we should hear from more than
one dominant implementations. second, unstated above but implied, the
priorities of an implementer are sometimes time-variant (the implementer
may think differently later) and often narrow (having more to do with the
problems that implementer sees than with what the community can foresee.)

long before the heat death of the universe, packets must grow in order to
amortize header processing costs against larger payloads. yet fragmentation
must not return. we ought to pave a step or two down the path that EDNS
incorrectly precluded us from in its earliest and most ignorant form.

so, i appear to be +1 to mr. wouters' suggestion above, for those reasons.

vixie

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-20 Thread Paul Wouters


On Fri, 20 Jan 2023, Paul Hoffman wrote:


Given the long list of things in this document that ISC has thought about and actively 
decided not to do, is it a good idea that we call it a "best current practice"?


It seems there should be more discussion which hopefully would lead to
a converging BCP before moving forward. Hearing from other main
implementations would be extremely helpful here.

Paul

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-20 Thread Jim Reid

> On 20 Jan 2023, at 15:20, Paul Hoffman  wrote:
> 
> Given the long list of things in this document that ISC has thought about and 
> actively decided not to do, is it a good idea that we call it a "best current 
> practice"?

Maybe. Though a BCP should go beyond documenting what BIND9 does.

In many cases, what BIND9 does is the de facto BCP. However IMO a “real” BCP 
should include insights from other implementations and from operators.

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

2023-01-20 Thread Paul Hoffman

Given the long list of things in this document that ISC has thought about and 
actively decided not to do, is it a good idea that we call it a "best current 
practice"?

--Paul Hoffman

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

Re: [DNSOP] [Ext] Implementor's status on draft-ietf-dnsop-avoid-fragmentation: BIND 9

11 matches

Site Navigation

Mail list logo

Footer information