PING

S6 E4

Measuring The Use Of DNS Over IPv6

March 4
52 mins

Episode Description

In this episode of PING, APNIC Chief Scientist Geoff Huston discusses running advertising-based experiments and a problem of interest in the modern DNS.

DNS fundamentally requires end users, their chosen resolver provider, and the authoritative servers for the names they query to cooperate in a coordinated exchange over IP protocols to answer DNS questions. The specifics of how these queries are encoded and transmitted become complex very quickly, but a particular issue is emerging in how we define, in normative and strongly binding terms, the way the protocol is expected to behave. This will shape future deployment decisions, implementation choices, and operational dependencies.

The question centres on the use of IPv6 within the DNS ecosystem as a whole. Can we yet say that IPv6-only DNS can be relied upon in operational practice? And if so, should that position be written into the guidance an RFC may define, were it to be elevated to the status of a Best Current Practice (BCP) document?

Geoff is exploring how to measure this by exploiting a DNS model known as ‘glueless’. In this approach, the additional ‘glue’ records that are typically passed around behind the scenes to keep DNS resolution working are not provided by the authoritative server to the resolver. As a result, the resolver is forced to issue further queries, which can in turn be constrained to use IPv6 only.

These queries are conducted without many of the usual measurement artefacts, such as errors introduced when users close a browser session prematurely, or when attention drifts away from the web page that triggered an advertisement-based test.

Some interesting variances are emerging when you look at this data by geographic region and origin-AS.