--"Eric A. Hall" <ehall(_at_)ehsco(_dot_)com> wrote:
> Yes, n-level redirection will be required, at best.
> Hotmail is actually a pretty good practical example of sizing problems:
> [ 17:13:46 -- goose:/var/log/ ]
> [ ehall$ ] dig @ns1.hotmail.com. hotmail.com. any

Interesting example but there is an assumption hidden here. Are you aware
of many applications that are designed to do a certain job that use query
type "ANY"? I would assume that a smart application would do a query for
the information it needs, and only the information it needs. I'm pretty
sure Sendmail already does this for A, MX, PTR, etc.
If I'm correct, that means that the example of using "ANY" is kind of
spurious to this discussion.

> ; <<>> DiG 9.2.2 <<>> @ns1.hotmail.com. hotmail.com. any
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47044
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 11, AUTHORITY: 4, ADDITIONAL: 12
> ;; QUESTION SECTION:
> ;hotmail.com. IN ANY
> ;; ANSWER SECTION:
> hotmail.com. 3600 IN A 64.4.32.7
> hotmail.com. 3600 IN A 64.4.33.7
> hotmail.com. 3600 IN MX 5 mx1.hotmail.com.
> hotmail.com. 3600 IN MX 5 mx2.hotmail.com.
> hotmail.com. 3600 IN MX 5 mx3.hotmail.com.
> hotmail.com. 3600 IN MX 5 mx4.hotmail.com.
> hotmail.com. 3600 IN NS ns1.hotmail.com.
> hotmail.com. 3600 IN NS ns2.hotmail.com.
> hotmail.com. 3600 IN NS ns3.hotmail.com.
> hotmail.com. 3600 IN NS ns4.hotmail.com.
> hotmail.com. 3600 IN SOA ns1.hotmail.com. dns.hotmail.com. 2004052101 28800 3600 604800 3600
> ;; AUTHORITY SECTION:
> hotmail.com. 3600 IN NS ns1.hotmail.com.
> hotmail.com. 3600 IN NS ns2.hotmail.com.
> hotmail.com. 3600 IN NS ns3.hotmail.com.
> hotmail.com. 3600 IN NS ns4.hotmail.com.
> ;; ADDITIONAL SECTION:
> mx1.hotmail.com. 3600 IN A 65.54.252.99
> mx1.hotmail.com. 3600 IN A 64.4.50.99
> mx1.hotmail.com. 3600 IN A 65.54.166.99
> mx1.hotmail.com. 3600 IN A 64.4.50.50
> mx2.hotmail.com. 3600 IN A 65.54.252.230
> mx2.hotmail.com. 3600 IN A 65.54.190.7
> mx2.hotmail.com. 3600 IN A 65.54.166.230
> mx2.hotmail.com. 3600 IN A 65.54.190.50
> mx3.hotmail.com. 3600 IN A 65.54.253.99
> mx3.hotmail.com. 3600 IN A 65.54.167.5
> mx3.hotmail.com. 3600 IN A 64.4.50.239
> mx3.hotmail.com. 3600 IN A 64.4.50.179
> ;; Query time: 85 msec
> ;; SERVER: 216.200.206.140#53(ns1.hotmail.com.)
> ;; WHEN: Sat May 22 17:14:31 2004
> ;; MSG SIZE rcvd: 501
> ^^^ overflow limits tripped, bailing!
> You lopped off the mx4 RRset, and you left off the NS hosts too (you
> should be giving them preference over the MX additional-data btw). The
> lack of TCP support means that a full answer set is not possible.

Another point... it looks like more than half of this record is in the
"ADDITIONAL" section. That means the query didn't fail (in fact it says
NOERROR), it just didn't give you all the extra bells and whistles. All
the information you actually asked for is in the answer. If you have to do
a second query to resolve all the MX records to IPs, is that a big deal?
It's interesting to note that just asking for the _ep.hotmail.com TXT
records gives 310 bytes. By comparison, the query for hotmail.com MX (not
ANY) gives 437 bytes.

> If I prime my cache with discrete data, I get:
> [ 17:19:35 -- goose:/var/log/ ]
> [ ehall$ ] dig @localhost. hotmail.com. any +vc
> ...
> ;; Query time: 27 msec
> ;; SERVER: 127.0.0.1#53(localhost.)
> ;; WHEN: Sat May 22 17:19:46 2004
> ;; MSG SIZE rcvd: 541
> ^^^ doh!
> I can see why you would want/need to use some other owner name regardless
> of the type, but that's a good reason *against* a practice, not a good
> reason *for* stuffing entire XML documents into the system.
> Please, use an RR that holds a URL pointing to an XML document instead.

I think we are in the MARID working group (Mail Authorization Records
_In_DNS_). Are you in the right place? :) Seriously, the efforts of the
work so far have focused on "lightweight" solutions and I don't think we
would win friends and influence people by requiring an HTTP session to be
opened for each lookup (or requiring clients to maintain an HTTP cache to
get down to almost the latency and bandwidth of DNS queries.) I think a
redirection to HTTP would be out of scope.
I believe most MARID records will be smaller than most KEY records, XML or
not, and I don't really believe we are proposing anything that misuses DNS,
let alone breaks it.
On a side note, I found your messages today sort of snide and
condescending. I am not sure if you mean to be snide or condescending, but
could you please make an effort to be constructive where possible?
Thanks
gregc
--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>
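
The size accounting behind the 501-byte response quoted above, as an added example that is not part of the original message: it models RFC 1035 name compression over the record shapes dig printed and checks what still fits under the 512-byte UDP limit (no EDNS0 assumed). Function and variable names are illustrative, and the extra mx4 address record is a constructed placeholder.

```python
# Added example: wire-size accounting for the dig response quoted in this message.
# Assumes classic 512-byte UDP DNS (no EDNS0) and RFC 1035 name compression.
HEADER, UDP_LIMIT = 12, 512
Z = "hotmail.com."

def encode_name(name, seen):
    """Bytes to encode `name`, ending in a 2-byte pointer if a suffix was already sent."""
    labels = name.rstrip(".").lower().split(".")
    size = 0
    for i, label in enumerate(labels):
        suffix = ".".join(labels[i:])
        if suffix in seen:
            return size + 2
        seen.add(suffix)            # later names may point at this suffix
        size += 1 + len(label)      # length octet + label bytes
    return size + 1                 # root label

def rr_len(owner, rtype, rdata, seen):
    size = encode_name(owner, seen) + 10   # TYPE, CLASS, TTL, RDLENGTH
    if rtype == "A":
        return size + 4
    if rtype == "NS":
        return size + encode_name(rdata, seen)
    if rtype == "MX":
        return size + 2 + encode_name(rdata, seen)   # preference + exchange
    if rtype == "SOA":
        mname, rname = rdata
        return size + encode_name(mname, seen) + encode_name(rname, seen) + 20
    raise ValueError(f"unsupported type {rtype}")

# Record shapes taken from the dig output above (addresses do not affect size).
ANSWER = ([(Z, "A", None)] * 2
          + [(Z, "MX", f"mx{i}.{Z}") for i in range(1, 5)]
          + [(Z, "NS", f"ns{i}.{Z}") for i in range(1, 5)]
          + [(Z, "SOA", (f"ns1.{Z}", f"dns.{Z}"))])
AUTHORITY = [(Z, "NS", f"ns{i}.{Z}") for i in range(1, 5)]
ADDITIONAL = [(f"mx{i}.{Z}", "A", None) for i in range(1, 4) for _ in range(4)]

def message_size(*sections):
    seen = set()
    size = HEADER + encode_name(Z, seen) + 4   # question: QNAME, QTYPE, QCLASS
    for section in sections:
        for rr in section:
            size += rr_len(*rr, seen)
    return size

if __name__ == "__main__":
    full = message_size(ANSWER, AUTHORITY, ADDITIONAL)
    # Constructed placeholder: one A record for mx4, which the response omitted.
    one_more = message_size(ANSWER, AUTHORITY, ADDITIONAL + [(f"mx4.{Z}", "A", None)])
    print(full, one_more, one_more > UDP_LIMIT)
```

The model reproduces dig's MSG SIZE rcvd: 501, and one further compressed A record brings the total past 512 bytes, which is why the additional section stops after mx3.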