-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Caching: move bulk of Max-Age / TTL calculation part to DoC server #19
Conversation
I find the RECOMMENDED/MUST dualism for the DoC server part a bit clunky myself at the moment. Maybe someone else has an idea for better wording here? |
a1caaa8
to
7001a34
Compare
It's a pity that For our use case, this means that we might deliver already invalid DNS responses, but I think there is no way around that if we want to use the We should probably state this problem somewhere in the document, but perhaps it's not that critical to include it in this upcoming version. |
Section 5.7.1 is pretty explicit on the upper bound:
If a response is generated out of a cache, the generated (or implied)
Max-Age Option MUST NOT extend the max-age originally set by the
server, considering the time the resource representation spent in the
cache.
The SHOULD in 5.10.5 is only about retransmissions, so it only adds
significant time in case of retransmissions, and never in total more
than the time spent waiting for it -- how could that make cache entries
go around indefinitely?
|
The section you reference is indeed very explicit about it. This solves my concerns about the caching time. |
Tried myself on that in 939a7c5... not sure mmhhh maybe we should drop the RECOMMENDED part and just require it from the DoC server to do it that way? |
I noticed something while evaluating this: Some resolvers (or at least |
If they may shuffle, we may sort?
|
Let's put a pin into that at least as an option 😁 |
No surprise. Kind of load balancing, often round-robin. |
Unlike on HTTP we sadly (well, for good complexity reasons) have no weak etags, otherwise we could keep the good of both sides (load balancing and caching) by sorting only in the ETag calculation :-(
|
I suspected it to be done for that reason. |
@chrysn Entity tags in CoAP don't really have much semantics by themselves (i.e., there is no statement such as "if the bytes making up the representation change, then the entity tag must change as well"). Their semantics comes from the way they're used: If a client has a response with an entity tag in its cache, it can validate that the response is still usable using the ETag Option. IMO it would be perfectly fine if a server responds that a response is still usable when the response is semantically still the same but the bytes have changed. |
Entity tags in CoAP don't really have much semantics by themselves
That would interfere with how they are used to validate block-wise transfers; 7252 is pretty explicit on the distinction to weak ETags IIUC.
|
@chrysn Good point. Maybe section 5 should have been more explicit on this, since it's currently silent on the semantics of entity-tags themselves. (There is a well-hidden side note in section 10, though, that is indeed pretty explicit that "CoAP ETags are always strong ETags in the HTTP sense; CoAP does not have the equivalent of HTTP weak ETags"). Too bad. 🤷 |
Co-authored-by: chrysn <chrysn@fsfe.org>
Rebased to current master. |
939a7c5
to
ea85d90
Compare
All relevant things on caching were discussed in 4.3.2, considerations on proxy / DoC server behavior and late responses are general CoAP problems.
This offers an alternative to https://github.com/anr-bmbf-pivot/draft-dns-over-coap/pull/17 in response to https://github.com/anr-bmbf-pivot/draft-dns-over-coap/pull/17#issuecomment-1059931619.
Now, instead of using the minimum TTL as Max-Age at the DoC server and then the DoC client needing to calculate the "true TTL" after caching from the Max-Age, the bulk of checking and calculating now happens at the (presumed to be more powerful) DoC server: The DoC server takes the mimimum TTL and substracts it from all TTLs in the DNS response, the DoC client then only takes the Max-Age and adds it to all TTLs again (instead of needing to search the minimum TTL first, calculating the difference and then adding it to all TTLs).
For illustration, here the example @chrysn gave me offline:
Let's assume there is an upstream DNS server, a DoC server that serves responses from that DNS server and also has its own DNS cache, and a (DoC agnostic) CoAP proxy between the DoC server and one or more DoC clients. A DoC client requests a an A record for
example.org
and it leads to the following situation.example.org
TTL=300 IN A 192.0.2.7example.org
TTL=200 IN A 192.0.2.7example.org
TTL=0 IN A 192.0.2.7]example.org
TTL=0 IN A 192.0.2.7]20 minutes later, the CoAP proxy receives yet another request for an A record for
example.org
, the response is in the cache, but marked stale. As such, it asks the DoC server for revalidation using by sending the E-Tagh
. The DoC server does not have the response in its DNS cache anymore and thus asks upstream:example.org
TTL=300 IN A 192.0.2.7example.org
TTL=0 IN A 192.0.2.7]TODO: Adapt examples!