doc/draft/draft-ietf-dnsop-respsize-14.txt

	draft-ietf-dnsop-respsize-14.txt revision f2ea8c2f965be7ff4c59f805712c12d469226b7b
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet Engineering Task Force                                 P. Vixie
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft                               Internet Systems Consortium
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntIntended status: Informational                                   A. Kato
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntExpires: November 11, 2012                  Keio University/WIDE Project
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt                                                            May 10, 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt                   DNS Referral Response Size Issues
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt                      draft-ietf-dnsop-respsize-14
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntAbstract
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   With a mandated default minimum maximum UDP message size of 512
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   octets, the DNS protocol presents some special problems for zones
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   wishing to expose a moderate or high number of authority servers (NS
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   RRs).  This document explains the operational issues caused by, or
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   related to this response size limit, and suggests ways to optimize
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   the use of this limited space.  Guidance is offered to DNS server
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   implementors and to DNS zone operators.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntStatus of this Memo
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   This Internet-Draft is submitted in full conformance with the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   provisions of BCP 78 and BCP 79.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Internet-Drafts are working documents of the Internet Engineering
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Task Force (IETF).  Note that other groups may also distribute
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   working documents as Internet-Drafts.  The list of current Internet-
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Drafts is at http://datatracker.ietf.org/drafts/current/.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Internet-Drafts are draft documents valid for a maximum of six months
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   and may be updated, replaced, or obsoleted by other documents at any
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   time.  It is inappropriate to use Internet-Drafts as reference
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   material or to cite them other than as "work in progress."
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   This Internet-Draft will expire on November 11, 2012.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntCopyright Notice
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Copyright (c) 2012 IETF Trust and the persons identified as the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   document authors.  All rights reserved.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   This document is subject to BCP 78 and the IETF Trust's Legal
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Provisions Relating to IETF Documents
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   (http://trustee.ietf.org/license-info) in effect on the date of
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   publication of this document.  Please review these documents
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   carefully, as they describe your rights and restrictions with respect
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   to this document.  Code Components extracted from this document must
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 1]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   include Simplified BSD License text as described in Section 4.e of
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   the Trust Legal Provisions and are provided without warranty as
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   described in the Simplified BSD License.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   This document may contain material from IETF Documents or IETF
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Contributions published or made publicly available before November
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   10, 2008.  The person(s) controlling the copyright in some of this
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   material may not have granted the IETF Trust the right to allow
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   modifications of such material outside the IETF Standards Process.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Without obtaining an adequate license from the person(s) controlling
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   the copyright in such materials, this document may not be modified
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   outside the IETF Standards Process, and derivative works of it may
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   not be created outside the IETF Standards Process, except to format
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   it for publication as an RFC or to translate it into languages other
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   than English.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt1.  Introduction and Overview
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The original DNS standard limited the UDP message size to 512 octets
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   (see Section 4.2.1 of [RFC1035]).  Even though this limitation was
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   due to the required minimum IP reassembly limit for IPv4, it became a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   hard DNS protocol limit and is not implicitly relaxed by changes in a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   network layer protocol, for example to IPv6.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The EDNS (Extension Mechanisms for DNS) protocol extension starting
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   with version 0 permits larger responses by mutual agreement of the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   requester and responder (see Section 4.3 and Section 6.2 of
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC2671bis]), and it is recommended to support EDNS.  The 512 octets
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   UDP message size limit will remain in practical effect until
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   virtually all DNS servers and resolvers support EDNS.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Since DNS responses include a copy of the request, the space
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   available for response data is somewhat less than the full 512
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   octets.  Negative responses are quite small, but for positive and
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   referral responses, every octet must be carefully and sparingly
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   allocated.  While the response size of positive responses is also a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   concern in [RFC3226], this document specifically addresses referral
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   response size.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   While more than twelve years passed since the publication of the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   original EDNS0 document [RFC2671], approximately 65% of the clients
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   support it as observed at a root name server and this fraction has
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   not changed in recent few years.  The long tail of EDNS deployment
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   may eventually be measured in decades.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Even if EDNS deployment reached 100% of all DNS initiators and
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   responders there will still be cases when path MTU limitations or IP
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 2]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   fragmentation/reassembly problems in firewalls and other middleboxes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   will cause EDNS failures which leads to non-extended DNS retries.  A
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   smaller referral response will always be better than a larger one if
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   the same end result can be achieved either way.  See [RFC5625],
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [SSAC035], and Section 6.2.6 of [RFC2671bis] for details.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt2.  Delegation Details
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt2.1.  Relevant Protocol Elements
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   A positive delegation response will include the following elements:
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       Header Section: fixed length (12 octets)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       Question Section: original query (name, class, type)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       Answer Section: empty, or a CNAME/DNAME chain
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       Authority Section: NS RRset (nameserver names)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       Additional Section: A and AAAA RRsets (nameserver addresses)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Note: CNAME defines a canonical name ([RFC1034]) while DNAME maps an
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   entire subtree to another domain ([RFC2672]).
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   If the total size of the UDP response exceeds 512 octets or the size
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   advertised in EDNS, and if the data that does not fit was "required",
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   then the TC bit will be set (indicating truncation).  This will
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   usually cause the requester to retry using TCP, depending on what
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   information was desired and what information was omitted.  For
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   example, truncation in the authority section is of no interest to a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   stub resolver who only plans to consume the answer section.  If a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   retry using TCP is needed, the total cost of the transaction is much
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   higher.  See Section 6.1.3.2 of [RFC1123] for details on the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   requirement that UDP be attempted before falling back to TCP.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   RRsets (Resource Record Set, see [RFC2136]) are never sent partially
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   unless the TC bit is set to indicate truncation.  When the TC bit is
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   set, the final apparent RRset in the final non-empty section must be
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   considered "possibly damaged" (see Section 6.2 of [RFC1035] and
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Section 9 of [RFC2181]).
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   With or without truncation, the glue present in the additional data
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   section should be considered "possibly incomplete", and requesters
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   should be prepared to re-query for any damaged or missing RRsets.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Note that truncation of the additional data section might not be
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   signaled via the TC bit since additional data is often optional (see
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   discussion in Appendix B of [RFC4472]).
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   DNS label compression allows the component labels of a domain name to
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   be instantiated exactly once per DNS message, and then referenced
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   with a two-octet "pointer" from other locations in that same DNS
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 3]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   message (see Section 4.1.4 of [RFC1035]).  If all nameserver names in
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   a message share a common parent (for example, all of them are in
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   "ROOT-SERVERS.NET." zone), then more space will be available for
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   incompressible data (such as nameserver addresses).
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The query name can be as long as 255 octets of network data.  In this
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   worst case scenario, the question section will be 259 octets in size,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   which would leave only 240 octets for the authority and additional
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   sections (after deducting 12 octets for the fixed length header) in a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   referral.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt2.2.  Advice to Zone Owners
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Average and maximum question section sizes can be predicted by the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   zone owner, since they will know what names actually exist and can
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   measure which ones are queried for most often.  Note that if the zone
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   contains any wildcards, it is possible for maximum length queries to
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   require positive responses, but that it is reasonable to expect
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   truncation and TCP retry in that case.  For cost and performance
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   reasons, the majority of requests should be satisfied without
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   truncation or TCP retry.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Some queries to non-existing names can be large, but this is not a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   problem because negative responses need not contain any answer,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   authority or additional records.  See Section 2.1 of [RFC2308] for
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   more information about the format of negative responses.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The minimum useful number of name servers is two, for redundancy (see
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Section 4.1 of [RFC1034]).  A zone's name servers should be reachable
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   by all IP protocols versions (e.g., IPv4 and IPv6) in common use.  As
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   long as the servers are well managed, the server serving IPv6 might
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   be different from the server serving IPv4 sharing the same server
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   name.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The best case is no truncation at all.  This is because many
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   requesters will retry using TCP immediately, or will automatically
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   requery for RRsets that are possibly truncated, without considering
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   whether the omitted data was actually necessary.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Anycasting [RFC3258] is a useful tool for performance and reliability
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   without increasing the size of referral responses.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   While it is irrelevant to the response size issue, all zones have to
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   be served via IPv4 as well to avoid name space fragmentation
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC3901].
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 4]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt2.3.  Advice to Server Implementors
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Each NS RR for a zone will add 12 fixed octets (name, type, class,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   ttl, and rdlen) plus 2 to 255 variable octets (for the NSDNAME).
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Each A RR will require 16 octets, and each AAAA RR will require 28
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   octets.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   While DNS distinguishes between necessary and optional resource
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   records, this distinction is according to protocol elements necessary
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   to signify facts, and takes no official notice of protocol content
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   necessary to ensure correct operation.  For example, a nameserver
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   name that is in or below the zone cut being described by a delegation
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   is "necessary content", since there is no way to reach that zone
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   unless the parent zone's delegation includes "glue records"
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   describing that name server's addresses.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Recall that the TC bit is only set when a required RRset can not be
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   included in its entirety (see Section 9 of [RFC2181]).  Even when
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   some of the RRsets to be included in the additional section don't fit
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   in the response size, the TC bit isn't set.  These RRsets may be
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   important for a referral.  Some DNS implementations try to resolve
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   these missing glue records separately which will introduce extra
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   queries and extra time to resolve a given name.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   A delegation response should prioritize glue records as follows.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   first:
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       All glue RRsets for one name server whose name is in or below the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       zone being delegated, or which has multiple address RRsets
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       (currently A and AAAA), or preferably both;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   second:
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       Alternate between adding all glue RRsets for any name servers
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       whose names are in or below the zone being delegated, and all
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       glue RRsets for any name servers who have multiple address RRsets
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       (currently A and AAAA);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   thence:
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       All other glue RRsets, in any order.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Whenever there are multiple candidates for a position in this
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   priority scheme, one should be chosen on a round-robin or fully
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   random basis.  The goal of this priority scheme is to offer
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   "necessary" glue first to fill into the response if possible.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   If any "necessary" content cannot be fit in the response, then it is
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   advisable that the TC bit be set in order to force a TCP retry,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   rather than have the zone be unreachable.  Note that a parent
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   server's proper response to a query for in-child glue or below-child
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   glue is a referral rather than an answer, and that this referral must
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 5]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   be able to contain the in-child or below-child glue, and that in
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   outlying cases, only EDNS or TCP will be large enough to contain that
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   data.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The glue record order should be independent of the version of IP used
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   in the query because the DNS server might just see a query from an
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   intermediate server rather than the query from the original client.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt3.  Analysis
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   An instrumented protocol trace of a best case delegation response is
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   shown in Figure 1.  Note that 13 servers are named, and 13 addresses
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   are given.  This query was artificially designed to exactly reach the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   512 octets limit.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 6]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      ;; flags: qr rd; QUERY: 1, ANS: 0, AUTH: 13, ADDIT: 13
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      ;; QUERY SECTION:
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      ;;  [23456789.123456789.123456789.\
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt           123456789.123456789.123456789.com A IN]        ;; @80
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      ;; AUTHORITY SECTION:
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  E.GTLD-SERVERS.NET.  ;; @112
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  F.GTLD-SERVERS.NET.  ;; @128
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  G.GTLD-SERVERS.NET.  ;; @144
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  H.GTLD-SERVERS.NET.  ;; @160
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  I.GTLD-SERVERS.NET.  ;; @176
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  J.GTLD-SERVERS.NET.  ;; @192
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  K.GTLD-SERVERS.NET.  ;; @208
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  L.GTLD-SERVERS.NET.  ;; @224
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  M.GTLD-SERVERS.NET.  ;; @240
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  A.GTLD-SERVERS.NET.  ;; @256
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  B.GTLD-SERVERS.NET.  ;; @272
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  C.GTLD-SERVERS.NET.  ;; @288
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      com.                 172800 NS  D.GTLD-SERVERS.NET.  ;; @304
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      ;; ADDITIONAL SECTION:
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      A.GTLD-SERVERS.NET.  172800 A   192.5.6.30           ;; @320
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      B.GTLD-SERVERS.NET.  172800 A   192.33.14.30         ;; @336
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      C.GTLD-SERVERS.NET.  172800 A   192.26.92.30         ;; @352
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      D.GTLD-SERVERS.NET.  172800 A   192.31.80.30         ;; @368
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      E.GTLD-SERVERS.NET.  172800 A   192.12.94.30         ;; @384
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      F.GTLD-SERVERS.NET.  172800 A   192.35.51.30         ;; @400
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      G.GTLD-SERVERS.NET.  172800 A   192.42.93.30         ;; @416
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      H.GTLD-SERVERS.NET.  172800 A   192.54.112.30        ;; @432
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      I.GTLD-SERVERS.NET.  172800 A   192.43.172.30        ;; @448
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      J.GTLD-SERVERS.NET.  172800 A   192.48.79.30         ;; @464
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      K.GTLD-SERVERS.NET.  172800 A   192.52.178.30        ;; @480
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      L.GTLD-SERVERS.NET.  172800 A   192.41.162.30        ;; @496
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      M.GTLD-SERVERS.NET.  172800 A   192.55.83.30         ;; @512
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt      ;; MSG SIZE  sent: 80  rcvd: 512
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt                                 Figure 1
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   For longer query names, the number of address records supplied will
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   be lower.  Furthermore, it is only by using a common parent name
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   (which is "GTLD-SERVERS.NET." in this example) that all 13 addresses
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   are able to fit, due to the use of DNS compression pointers in the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   last 12 occurrences of the parent domain name.  The outputs from the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   response simulator in Appendix A (written in perl [PERL]) shown in
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Figure 2 and Figure 3 demonstrate these properties.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 7]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   % perl respsize.pl a.dns.br b.dns.br c.dns.br d.dns.br
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   a.dns.br requires 10 bytes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   b.dns.br requires 4 bytes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   c.dns.br requires 4 bytes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   d.dns.br requires 4 bytes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   # of NS: 4
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   For maximum size query (255 byte):
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       only A is considered:        # of A is 4 (green)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       A and AAAA are considered:   # of A+AAAA is 3 (yellow)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       preferred-glue A is assumed: # of A is 4, # of AAAA is 3 (yellow)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   For average size query (64 byte):
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       only A is considered:        # of A is 4 (green)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       A and AAAA are considered:   # of A+AAAA is 4 (green)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       preferred-glue A is assumed: # of A is 4, # of AAAA is 4 (green)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt                                 Figure 2
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   % perl respsize.pl ns-ext.isc.org ns.psg.com ns.ripe.net ns.eu.int
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   ns-ext.isc.org requires 16 bytes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   ns.psg.com requires 12 bytes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   ns.ripe.net requires 13 bytes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   ns.eu.int requires 11 bytes
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   # of NS: 4
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   For maximum size query (255 byte):
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       only A is considered:        # of A is 4 (green)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       A and AAAA are considered:   # of A+AAAA is 3 (yellow)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       preferred-glue A is assumed: # of A is 4, # of AAAA is 2 (yellow)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   For average size query (64 byte):
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       only A is considered:        # of A is 4 (green)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       A and AAAA are considered:   # of A+AAAA is 4 (green)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       preferred-glue A is assumed: # of A is 4, # of AAAA is 4 (green)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt                                 Figure 3
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Here we use the term "green" if all address records could fit, or
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   "yellow" if two or more could fit, or "orange" if only one could fit,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   or "red" if no address record could fit.  It's clear that without a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   common parent for nameserver names, much space would be lost.  For
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   these examples we use an average/common name size of 15 octets,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   befitting our assumption of "GTLD-SERVERS.NET." as our common parent
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   name.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   We're assuming a medium query name size of 64 since that is the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   typical size seen in trace data at the time of this writing.  If
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Internationalized Domain Name (IDN) or any other technology that
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   results in larger query names be deployed significantly in advance of
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 8]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   EDNS, then new measurements and new estimates will have to be made.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt4.  Conclusions
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The current practice of giving all nameserver names a common parent
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   (such as "GTLD-SERVERS.NET." or "ROOT-SERVERS.NET.") saves space in
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   DNS responses and allows for more nameservers to be enumerated than
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   would otherwise be possible, since the common parent domain name only
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   appears once in a DNS message and is referred to via "compression
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   pointers" thereafter.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   If all nameserver names for a zone share a common parent, then it is
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   operationally advisable to make all servers for the zone thus served
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   also be authoritative for the zone of that common parent.  For
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   example, the root name servers (?.ROOT-SERVERS.NET.) can answer
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   authoritatively for the ROOT-SERVERS.NET. zone.  This is to ensure
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   that the zone's servers always have the zone's nameservers' glue
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   available when delegating, and will be able to respond with answers
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   rather than referrals if a requester who wants that glue comes back
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   asking for it.  In this case the name server will likely be a
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   "stealth server" -- authoritative but unadvertised in the glue zone's
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   NS RRset.  See Section 2 of [RFC1996] for more information about
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   stealth servers.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Thirteen (13) is the effective maximum number of nameserver names
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   usable with traditional (non-extended) DNS, assuming a common parent
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   domain name, and given that implicit referral response truncation is
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   undesirable in the average case.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   More than one address record in a protocol family per server is
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   inadvisable since the necessary glue RRsets (A or AAAA) are
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   atomically indivisible, and will be larger than a single resource
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   record.  Larger RRsets are more likely to lead to or encounter
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   truncation.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   More than one address record across protocol families is less likely
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   to lead to or encounter truncation, partly because multiprotocol
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   clients, which are required to handle larger RRsets such as AAAA RRs,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   are more likely to speak EDNS, which can use a larger UDP response
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   size limit, and partly because the resource records (A and AAAA) are
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   in different RRsets and are therefore divisible from each other.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Name server names that are at or below the zone they serve are more
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   sensitive to referral response truncation, and glue records for them
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   should be considered "more important" than other glue records, in the
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   assembly of referral responses.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012               [Page 9]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt5.  Security Considerations
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The recommendations contained in this document have no known security
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   implications.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt6.  IANA Considerations
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   This document does not call for changes or additions to any IANA
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   registry.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt7.  Acknowledgement
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   The authors thank Peter Koch, Rob Austein, Joe Abley, Mark Andrews,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Kenji Rikitake, Stephane Bortzmeyer, Olafur Gudmundsson, Alfred
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Hoenes, Alexander Mayrhofer, and Ray Bellis for their valuable
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   comments and suggestions.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   This work was supported by the US National Science Foundation
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   (research grant SCI-0427144) and DNS-OARC.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt8.  References
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt8.1.  Normative References
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              STD 13, RFC 1034, November 1987.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC1035]  Mockapetris, P., "Domain names - implementation and
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              specification", STD 13, RFC 1035, November 1987.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC2181]  Elz, R. and R. Bush, "Clarifications to the DNS
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              Specification", RFC 2181, July 1997.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt8.2.  Informative References
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [PERL]     Wall, L., Christiansen, T., and J. Orwant, "Programming
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              Perl, 3rd ed.", ISBN 0-596-00027-8, July 2000.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC1123]  Braden, R., "Requirements for Internet Hosts - Application
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              and Support", STD 3, RFC 1123, October 1989.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC1996]  Vixie, P., "A Mechanism for Prompt Notification of Zone
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              Changes (DNS NOTIFY)", RFC 1996, August 1996.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC2136]  Vixie, P., Thomson, S., Rekhter, Y., and J. Bound,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012              [Page 10]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              "Dynamic Updates in the Domain Name System (DNS UPDATE)",
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              RFC 2136, April 1997.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC2308]  Andrews, M., "Negative Caching of DNS Queries (DNS
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              NCACHE)", RFC 2308, March 1998.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC2671]  Vixie, P., "Extension Mechanisms for DNS (EDNS0)",
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              RFC 2671, August 1999.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC2671bis]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              Damas, J., Graff, M., and P. Vixie, "Extension Mechanisms
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              for DNS (EDNS0)", draft-ietf-dnsext-rfc2671bis-edns0-08 ,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              February 2012.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC2672]  Crawford, M., "Non-Terminal DNS Name Redirection",
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              RFC 2672, August 1999.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC3226]  Gudmundsson, O., "DNSSEC and IPv6 A6 aware server/resolver
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              message size requirements", RFC 3226, December 2001.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC3258]  Hardie, T., "Distributing Authoritative Name Servers via
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              Shared Unicast Addresses", RFC 3258, April 2002.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC3901]  Durand, A. and J. Ihren, "DNS IPv6 Transport Operational
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              Guidelines", BCP 91, RFC 3901, September 2004.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC4472]  Durand, A., Ihren, J., and P. Savola, "Operational
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              Considerations and Issues with IPv6 DNS", RFC 4472,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              April 2006.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [RFC5625]  Bellis, R., "DNS Proxy Implementation Guidelines",
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              BCP 152, RFC 5625, August 2009.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   [SSAC035]  Bellis, R. and L. Phifer, "Test Report: DNSSEC Impact on
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              Broadband Routers and Firewalls", SSAC 035,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              September 2008.
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntAppendix A.  The response simulator program
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   #!/usr/bin/perl
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   #
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   # SYNOPSIS
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   #    respsize.pl [ -z zone ] fqdn_ns1 fqdn_ns2 ...
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   #        if all queries are assumed to have a same zone suffix,
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   #     such as "jp" in JP TLD servers, specify it in -z option
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   #
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012              [Page 11]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   use strict;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   use Getopt::Std;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   my ($sz_msg) = (512);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   my ($sz_header, $sz_ptr, $sz_rr_a, $sz_rr_aaaa) = (12, 2, 16, 28);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   my ($sz_type, $sz_class, $sz_ttl, $sz_rdlen) = (2, 2, 4, 2);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   my (%namedb, $name, $nssect, %opts, $optz);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   my $n_ns = 0;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   getopt('z', %opts);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   if (defined($opts{'z'})) {
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       server_name_len($opts{'z'}); # just register it
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   }
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   foreach $name (@ARGV) {
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       my $len;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $n_ns++;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $len = server_name_len($name);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       print "$name requires $len bytes\n";
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $nssect += $sz_ptr + $sz_type + $sz_class + $sz_ttl
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt               +  $sz_rdlen + $len;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   }
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   print "# of NS: $n_ns\n";
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   arsect(255, $nssect, $n_ns, "maximum");
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   arsect(64, $nssect, $n_ns, "average");
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   sub server_name_len {
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       my ($name) = @_;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       my (@labels, $len, $n, $suffix);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $name =~ tr/A-Z/a-z/;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       @labels = split(/\./, $name);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $len = length(join('.', @labels)) + 2;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       for ($n = 0; $#labels >= 0; $n++, shift @labels) {
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt           $suffix = join('.', @labels);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt           return length($name) - length($suffix) + $sz_ptr
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt               if (defined($namedb{$suffix}));
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt           $namedb{$suffix} = 1;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       }
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       return $len;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   }
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   sub arsect {
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       my ($sz_query, $nssect, $n_ns, $cond) = @_;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       my ($space, $n_a, $n_a_aaaa, $n_p_aaaa, $ansect);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $ansect = $sz_query + $sz_type + $sz_class;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $space = $sz_msg - $sz_header - $ansect - $nssect;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $n_a = atmost(int($space / $sz_rr_a), $n_ns);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012              [Page 12]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $n_a_aaaa = atmost(int($space
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt                              / ($sz_rr_a + $sz_rr_aaaa)), $n_ns);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       $n_p_aaaa = atmost(int(($space - $sz_rr_a * $n_ns)
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt                              / $sz_rr_aaaa), $n_ns);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       printf "For %s size query (%d byte):\n", $cond, $sz_query;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       printf "    only A is considered:        ";
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       printf "# of A is %d (%s)\n", $n_a, &judge($n_a, $n_ns);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       printf "    A and AAAA are considered:   ";
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       printf "# of A+AAAA is %d (%s)\n",
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt              $n_a_aaaa, &judge($n_a_aaaa, $n_ns);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       printf "    preferred-glue A is assumed: ";
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       printf "# of A is %d, # of AAAA is %d (%s)\n",
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt           $n_a, $n_p_aaaa, &judge($n_p_aaaa, $n_ns);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   }
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   sub judge {
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       my ($n, $n_ns) = @_;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       return "green" if ($n >= $n_ns);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       return "yellow" if ($n >= 2);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       return "orange" if ($n == 1);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       return "red";
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   }
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   sub atmost {
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       my ($a, $b) = @_;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       return 0 if ($a < 0);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       return $b if ($a > $b);
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt       return $a;
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   }
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntAuthors' Addresses
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Paul Vixie
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Internet Systems Consortium
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   950 Charter Street
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Redwood City, CA  94063
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   US
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Phone: +1 650 423 1300
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Email: vixie@isc.org
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012              [Page 13]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntInternet-Draft         DNS Referral Response Size               May 2012
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Akira Kato
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Keio University/WIDE Project
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Graduate School of Media Design, 4-1-1 Hiyoshi
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Kohoku, Yokohama  223-8526
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   JP
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Phone: +81 45 564 2490
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt   Email: kato@wide.ad.jp
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan HuntVixie & Kato            Expires November 11, 2012              [Page 14]
f2ea8c2f965be7ff4c59f805712c12d469226b7bEvan Hunt