[dns-operations] HTTP SRV, was Adding CNAME for the root domain issue

[Mark Andrews]

In message <20160429010351.67188.qmail at ary.lan>, "John Levine" writes:
> >But SRV additional data can't tell a client if the apparently missing
> >target addresses are actually missing. To avoid the extra round trip, the
> >SRV answer needs to be able to say, this target has no A / this target has
> >no AAAA.
> 
> I don't understand why this is a problem.  Wouldn't the client prefer
> the SRV answer to the A/AAAA, so if there's a SRV answer, it doesn't
> matter what the A/AAAA answer is?

CNAME always returns the target of the CNAME even if it is a CNAME
(rd=1 + ra=1).  CNAME gives DATA and NODATA for the target.  CNAME
sets TC=1 if the entire chain does not fit.

SRV may returns the target of the SRV if in the cache and if it is
not a CNAME.  SRV does not give NODATA for the target only DATA.
SRV does not set TC=1 if all the target address do not fit.

It would not be hard to signal that you want the SRV response to
give target NODATA semantics for both A and AAAA, targets to follow
CNAMES and TC=1 if the entire chain does not fit and that the
recursive server supports it.  Its just a matter of specifying the
exact semantics and updating recursive servers.

Browsers would then make SRV queries knowing that they will get the
entire chain if the server supports the updated behaviour.

If the recursive server doesn't support the updated behaviour they
will still normally get any A/AAAA record in the cache.  If the
target is a CNAME they will need to make A and AAAA queries (which
may be consolidatable).  If they do get A/AAAA records they can
just use those without additional queries unless connections fail
and they are missing addresses.

Mark

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org