This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: RFC 6724

From: Florian Weimer <fweimer at redhat dot com>
To: Phillip Hellewell <sshock at gmail dot com>
Cc: libc-help at sourceware dot org
Date: Mon, 12 Nov 2018 18:43:44 +0100
Subject: Re: RFC 6724
References: <CA+dWQFo-rHBGgAtBR54AHpj2mk5aG==2kmWrL7RuYD_KqAuSSA@mail.gmail.com> <87lg5yr17v.fsf@oldenburg.str.redhat.com> <CA+dWQFppeQKhKJqCj=PqaPD+=tDwNexHVPVeGXo+Um6wRYNoQg@mail.gmail.com>

* Phillip Hellewell:

> On Mon, Nov 12, 2018 at 4:20 AM Florian Weimer <fweimer@redhat.com> wrote:
>>
>> RFC 3484 has always been rather problematic (particularly Rule 9, which
>> we do not implement).
>>
>> I seriously doubt that there is any benefit from address sorting.  It's
>> a layering violation, and it makes renumbering harder because you now
>> need to consider the impact on address sorting.  Its core assumptions
>> are also quite wrong on many networks (e.g., private addresses often
>> have less georeplication than public Internet service, so public
>> addresses are closer by).
>>
>> In any case, I think address sorting should be performed by the caching
>> DNS resolver, not the stub resolver.
>
> An administrator of a given machine may not have any control over the
> DNS server, yet they should still be able to control address order,
> e..g., to prefer IPv4 over IPv6 or vice-versa.

If you can edit /etc/gai.conf, you can install Unbound or dnsmasq, too.

>> Do you have a setup that actually relies on address sorting?  Do you
>> have any examples where DNS provides a set of addresses for a single
>> name with different labels/precedence, so that sorting the addresses
>> actually has an effect?
>
> Yes, this happens all the time.  Look no further than google.com.  It
> has both A and AAAA.  As a system administrator, I should be able to
> set up my prefix policy table to prefer IPv4 over IPv6 if desired.
> That is just one example.

Do you have another example that does not involve sorting merely by
protocol?  Something that you have encountered personally?

> One should be able to control address order without having to set up
> and run their own special DNS server/proxy/whatever.

To be honest, I don't see any other way to get full RFC 6724 support
because the RFC requires various things for which I do not see direct
kernel support.

If we disable or limit sorting in glibc, at least you will be able to
get RFC 6724 support with a suitable NSS service module or caching DNS
server.

Thanks,
Florian

Follow-Ups:
- Re: RFC 6724
  - From: Phillip Hellewell

References:
- RFC 6724
  - From: Phillip Hellewell
- Re: RFC 6724
  - From: Florian Weimer
- Re: RFC 6724
  - From: Phillip Hellewell

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]