dnsop                                                             J. Yao
Internet-Draft                                                  P. Vixie
Intended status: Standards Track         CNNIC-Farsight Joint Laboratory
Expires: April 27, 2017                                          N. Kong
                                                                   X. Li
                                                                   CNNIC
                                                        October 24, 2016


   A DNS Query including A Main Question with Accompanying Questions
               draft-yao-dnsop-accompanying-questions-01

Abstract

   This document enables DNS initiators to send a main question
   accompanied by several related questions in a single DNS query, and
   enables DNS responders to put the answers into a single DNS
   response.  This mechanism can reduce the number of DNS round-trips
   per application work-unit.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 27, 2017.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must



Yao, et al.              Expires April 27, 2017                 [Page 1]


Internet-Draft            accompanying-queries              October 2016


   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

Table of Contents

   1.  Introduction
   2.  Terminology
   3.  Mechanism for a main question with accompanying questions
   4.  Responder Processing
   5.  Initiator Processing
   6.  Query and Response Example
   7.  IANA Considerations
   8.  Security Considerations
   9.  Acknowledgements
   10. Change History
     10.1.  draft-yao-dnsop-accompanying-questions: Version 00
     10.2.  draft-yao-dnsop-accompanying-questions: Version 01
   11. Normative References
   Authors' Addresses

1.  Introduction

   There are many scenarios in which an application must send several
   related questions to a DNS responder.  For example, when asking
   about a QTYPE=A RRset, a QTYPE=AAAA RRset may also be of use
   [RFC5321]; when asking for the A and AAAA RRsets of www.example.com,
   the TLSA records of a sub-domain name such as
   _443._tcp.www.example.com may also be of interest [RFC6698].

   Query example.com for A and AAAA

   Query www.example.com for A and AAAA, and _443._tcp.www.example.com
   for TLSA

   This document describes a method by which DNS initiators can send a
   main question accompanied by several related questions in a single
   DNS query, and by which DNS responders can place all related answers
   into a single DNS response.  This mechanism can reduce the number of
   DNS round-trips per application work-unit by carrying several
   related queries in a single query transaction.

2.  Terminology

   The basic key words such as "MUST", "MUST NOT", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "MAY", and "MAYNOT" are to be interpreted as
   described in [RFC2119].

   The basic DNS terms used in this specification are defined in the
   documents [RFC1034] and [RFC1035].

3.  Mechanism for a main question with accompanying questions

   The initiator still puts a main question into the question section of
   the DNS query packet, as described in [RFC1035].  Accompanying
   questions will be put into the variable part of an OPT RR [RFC6891].

   The variable part of an OPT RR is encoded in its RDATA and is
   structured as follows:


                +0 (MSB)                            +1 (LSB)
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
  0: |                          OPTION-CODE                          |
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
  2: |                         OPTION-LENGTH                         |
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
  4: |                                                               |
     /                          OPTION-DATA                          /
     /                                                               /
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+

   OPTION-CODE    (Assigned by IANA.)

   OPTION-LENGTH  Size (in octets) of OPTION-DATA.

   OPTION-DATA    Contains at most 8 accompanying questions, each with
                  its AQ-RCODE, laid out as follows:

       0   1   2   3   4   5   6   7   8   9   0   1   2   3   4   5
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |AQ |   Count   |                 AQ-RCODE                      |
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |                  AQ-TYPE                                      |
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |                                                               |
     /             Prefix                                            /
     /                                                               /
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |AQ |    Seq    |                 AQ-RCODE                      |
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |                  AQ-TYPE                                      |
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |                                                               |
     /            Prefix                                             /
     /                                                               /
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |AQ |    Seq    |                 AQ-RCODE                      |
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |                  AQ-TYPE                                      |
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |                                                               |
     /            Prefix                                             /
     /                                                               /
     +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     |                                                               |
     /                          ......                               /
     /                                                               /





   o  AQ field indicates whether this accompanying question is the first
      question.  If it is set to 1, this question is the first question.

   o  Count field represents the total number of accompanying
      questions.  Seq field represents the sequence number of an
      accompanying question, from 1 to 7.  There will be at most 8
      accompanying questions.

   o  AQ-RCODE field will be set to 111111110100 bits when it is
      initialized.  An AQ-RCODE with the value of 111111110100 bits
      means that the mechanism for accompanying questions has not been
      implemented, where "0100" in the RCODE value is "not been
      implemented".  AQ aware responders will put the RCODE value for
      the query of this question into the AQ-RCODE field.

   o  Prefix field is the substring between the main domain name of the
      main question and the accompanying domain name of the accompanying
      question.  That is, if the main domain name is string S and the
      accompanying domain name is string S1, the prefix is the leading
      part of S1 that remains once the trailing S is removed.  For
      example, if the main domain name is example.com and the
      accompanying domain name is mail.example.com, the prefix is
      "mail.".

4.  Responder Processing

   The AQ aware responder will check the main question first, and put
   the results into the DNS response packet.  If the AQ OPT is present,
   the responder assembles each prefix with the main domain name to
   form an accompanying question, checks the accompanying questions in
   order, and puts the results into the DNS answer section of the
   response following RFC 1034; the response code for each accompanying
   question, however, is placed in the respective AQ-RCODE field in the
   AQ OPT of the response.  The RCODE field in the DNS response header
   refers to the main question only.  An AQ unaware responder is
   expected to ignore the AQ OPT of the query, and may echo the received
   OPT back into the additional section of the response message.

5.  Initiator Processing

   An AQ aware initiator will put the main question into the question
   section of the DNS query packet, and put related accompanying
   questions into the Accompanying Question fields of OPTION-DATA of
   the OPT RR.  The AQ-RCODE value will be sent as 111111110100 bits.
   For the first accompanying question, the AQ value should be set to 1
   and the Count value should be set to the total number of
   accompanying questions; for the remaining accompanying questions,
   the AQ value should be set to 0 and the Seq value should be set to
   the sequence number of the corresponding accompanying question.  The
   AQ-TYPE value should be set to the query type of the accompanying
   question.  The Prefix should be set to the substring between the
   main domain name of the main question and the accompanying domain
   name of the accompanying question.  If the main domain name and the
   accompanying domain name are the same, the Prefix should be set to
   all zero bits.

   If the initial value of the AQ-RCODE is unchanged in the response, it
   indicates that the responder is AQ unaware.  In that case, the
   responder will deal with the main question only.  The initiator
   should send the accompanying questions one by one via normal DNS
   queries.  In such follow-up queries, AQ processing should probably
   not be attempted, to reduce waste of network resources.

6.  Query and Response Example

  Example: one main question with 2 accompanying questions

    The query would look like:

               +---------------------------------------------------+
    Header     | OPCODE=SQUERY                                     |
               +---------------------------------------------------+
    Question   | QNAME=EXAMPLE.COM., QCLASS=IN, QTYPE=A            |
               +---------------------------------------------------+
    Answer     |                                                   |
               +---------------------------------------------------+
    Authority  | <empty>                                           |
               +---------------------------------------------------+
    Additional |                                                   |
               | AQ=1,Count=2,AQ-TYPE=AAAA,AQ-RCODE=111111110100,  |
               | Prefix=0,                                         |
               | AQ=0, SEQ=1,AQ-TYPE=TLSA,AQ-RCODE=111111110100,   |
               | Prefix=_443._tcp.,                                |
               +---------------------------------------------------+

    The response from AQ aware responders would be:

               +---------------------------------------------------+
    Header     | OPCODE=SQUERY,  RESPONSE, AA, RCODE=NOERROR       |
               +---------------------------------------------------+
    Question   | QNAME=EXAMPLE.COM., QCLASS=IN, QTYPE=A            |
               +---------------------------------------------------+
    Answer     |        example.com. IN A 192.168.0.1              |
               |        example.com. IN AAAA 2001:cc8::1           |
               |   _443._tcp.example.com. IN TLSA                  |
               |        ( 3 0 0 30820307308201efa003020102020... ) |
               +---------------------------------------------------+
    Authority  | <empty>                                           |
               +---------------------------------------------------+
    Additional |                                                   |
               | AQ=1, COUNT=2, AQ-TYPE=AAAA, AQ-RCODE=NOERROR,    |
               | Prefix=0,                                         |
               | AQ=0, SEQ=1, AQ-TYPE=TLSA, AQ-RCODE=NOERROR,      |
               | Prefix=_443._tcp.,                                |
               +---------------------------------------------------+


    The response from AQ unaware responders would be:

               +---------------------------------------------------+
    Header     | OPCODE=SQUERY,  RESPONSE, AA, RCODE=NOERROR       |
               +---------------------------------------------------+
    Question   | QNAME=EXAMPLE.COM., QCLASS=IN, QTYPE=A            |
               +---------------------------------------------------+
    Answer     |        example.com. IN A 192.168.0.1              |
               +---------------------------------------------------+
    Authority  | <empty>                                           |
               +---------------------------------------------------+
    Additional |                                                   |
               | AQ=1, COUNT=2, AQ-TYPE=AAAA,AQ-RCODE=111111110100,|
               | Prefix=0,                                         |
               | AQ=0, SEQ=1, AQ-TYPE=TLSA, AQ-RCODE=111111110100, |
               | Prefix=_443._tcp.,                                |
               +---------------------------------------------------+
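
   Added example (not part of the draft and not the authors' code): a
   Python sketch that builds the OPTION-DATA for the query above,
   strictly parses it back, and lists the questions an initiator must
   resend when an AQ-RCODE is still 111111110100.  The Prefix encoding
   (DNS labels ended by a zero octet), the cap of 7 entries implied by
   the 3-bit Count field, and all function names are assumptions of
   this sketch.

```python
import struct

AQ_RCODE_INIT = 0b111111110100  # initial AQ-RCODE value from the draft (0xFF4)

def encode_prefix(prefix):
    # ASSUMPTION (not in the draft): DNS labels ended by a zero octet, "" -> 0x00
    out = b""
    for label in filter(None, prefix.split(".")):
        if len(label) > 63:
            raise ValueError("label longer than 63 octets")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_option_data(questions):
    """questions: [(prefix, qtype), ...]; the first entry is sent with AQ=1."""
    if not 1 <= len(questions) <= 7:  # Count and Seq are drawn as 3-bit fields
        raise ValueError("need 1 to 7 accompanying questions")
    out = b""
    for i, (prefix, qtype) in enumerate(questions):
        aq, num = (1, len(questions)) if i == 0 else (0, i)  # Count, then Seq
        out += struct.pack("!HH", aq << 15 | num << 12 | AQ_RCODE_INIT, qtype)
        out += encode_prefix(prefix)
    return out

def parse_option_data(data, main_name):
    """Strictly decode OPTION-DATA for a non-root main_name; ValueError if bad."""
    suffix, pos, entries, expected = main_name.rstrip(".") + ".", 0, [], 0
    while pos < len(data):
        if len(data) - pos < 5:  # 2 octets AQ/Count/RCODE, 2 AQ-TYPE, 1 end
            raise ValueError("truncated entry")
        word, qtype = struct.unpack_from("!HH", data, pos)
        pos += 4
        aq, num, rcode = word >> 15, (word >> 12) & 0x7, word & 0xFFF
        if not entries:
            if aq != 1 or num == 0:
                raise ValueError("first entry must carry AQ=1 and Count >= 1")
            expected = num
        elif aq != 0 or num != len(entries) or num >= expected:
            raise ValueError("unexpected AQ or Seq value")
        name = ""
        while pos < len(data) and data[pos] != 0:  # one prefix label per pass
            n = data[pos]
            if n > 63 or pos + 1 + n > len(data):
                raise ValueError("bad label length")
            name += data[pos + 1:pos + 1 + n].decode("ascii") + "."
            pos += 1 + n
        if pos >= len(data):
            raise ValueError("prefix not terminated")
        pos += 1  # skip the terminating zero octet
        if len(name + suffix) > 254:  # 255-octet wire limit of RFC 1035
            raise ValueError("assembled name too long")
        entries.append({"name": name + suffix, "qtype": qtype, "rcode": rcode})
    if len(entries) != expected:
        raise ValueError("Count does not match the number of entries")
    return entries

def fallback_questions(entries):
    """Questions whose AQ-RCODE came back unchanged: resend as normal queries."""
    return [(e["name"], e["qtype"]) for e in entries if e["rcode"] == AQ_RCODE_INIT]
```

   With the query above (AQ-TYPE 28 for AAAA, 52 for TLSA), an echoed
   OPT from an AQ unaware responder yields both accompanying questions
   for fallback, while a response carrying NOERROR in each AQ-RCODE
   yields none.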


7.  IANA Considerations

   IANA should allocate DNS EDNS0 Option Codes (OPT) following this
   document.  IANA should reserve RCODE with the value of 111111110100
   bits for this document.

8.  Security Considerations

   TBD

9.  Acknowledgements

   The authors thank the members of the DNSOP mailing list for helpful
   discussions, and especially thank Kazunori Fujiwara for kind
   comments, suggestions and improvements for the document.

10.  Change History

   RFC Editor: Please remove this section.

10.1.  draft-yao-dnsop-accompanying-questions: Version 00

   o  A Mechanism for DNS query including one main question with several
      accompanying questions

10.2.  draft-yao-dnsop-accompanying-questions: Version 01

   o  Simplify the mechanism.

11.  Normative References

   [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
              STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987,
              <http://www.rfc-editor.org/info/rfc1034>.

   [RFC1035]  Mockapetris, P., "Domain names - implementation and
              specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
              November 1987, <http://www.rfc-editor.org/info/rfc1035>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC5321]  Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
              DOI 10.17487/RFC5321, October 2008,
              <http://www.rfc-editor.org/info/rfc5321>.

   [RFC6698]  Hoffman, P. and J. Schlyter, "The DNS-Based Authentication
              of Named Entities (DANE) Transport Layer Security (TLS)
              Protocol: TLSA", RFC 6698, DOI 10.17487/RFC6698, August
              2012, <http://www.rfc-editor.org/info/rfc6698>.

   [RFC6891]  Damas, J., Graff, M., and P. Vixie, "Extension Mechanisms
              for DNS (EDNS(0))", STD 75, RFC 6891,
              DOI 10.17487/RFC6891, April 2013,
              <http://www.rfc-editor.org/info/rfc6891>.

Authors' Addresses

   Jiankang Yao
   CNNIC-Farsight Joint Laboratory
   4 South 4th Street, Zhongguancun, Haidian District
   Beijing, Beijing  100190
   China

   Phone: +86 10 5881 3007
   Email: yaojk@cnnic.cn


   Paul Vixie
   CNNIC-Farsight Joint Laboratory
   4 South 4th Street, Zhongguancun, Haidian District
   Beijing, Beijing  100190
   China

   Phone: +1 650 489 7919
   Email: vixie@fsi.io


   Ning Kong
   CNNIC
   4 South 4th Street, Zhongguancun, Haidian District
   Beijing, Beijing  100190
   China

   Phone: +86 10 5881 3147
   Email: nkong@cnnic.cn


   Xiaodong Li
   CNNIC
   4 South 4th Street, Zhongguancun, Haidian District
   Beijing, Beijing  100190
   China

   Phone: +86 10 5881 3020
   Email: xl@cnnic.cn






















