Independent Submission M. Andrews
Request for Comments: 7314 ISC
Category: Experimental July 2014
ISSN: 2070-1721
Independent Submission M. Andrews
Request for Comments: 7314 ISC
Category: Experimental July 2014
ISSN: 2070-1721
Extension Mechanisms for DNS (EDNS) EXPIRE Option
DNS(EDNS)的扩展机制过期选项
Abstract
摘要
This document specifies a method for secondary DNS servers to honour the SOA EXPIRE field as if they were always transferring from the primary, even when using other secondaries to perform indirect transfers and refresh queries.
本文档为辅助DNS服务器指定了一种方法,使其遵守SOA EXPIRE字段,就好像它们总是从主DNS服务器传输一样,即使在使用其他辅助DNS服务器执行间接传输和刷新查询时也是如此。
Status of This Memo
关于下段备忘
This document is not an Internet Standards Track specification; it is published for examination, experimental implementation, and evaluation.
本文件不是互联网标准跟踪规范;它是为检查、实验实施和评估而发布的。
This document defines an Experimental Protocol for the Internet community. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
本文档为互联网社区定义了一个实验协议。这是对RFC系列的贡献,独立于任何其他RFC流。RFC编辑器已选择自行发布此文档,并且未声明其对实现或部署的价值。RFC编辑批准发布的文件不适用于任何级别的互联网标准;见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7314.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7314.
Copyright Notice
版权公告
Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2014 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Reserved Words . . . . . . . . . . . . . . . . . . . . . 2
2. Expire EDNS Option (Query) . . . . . . . . . . . . . . . . . 3
3. Expire EDNS Option (Response) . . . . . . . . . . . . . . . . 3
3.1. Primary Server . . . . . . . . . . . . . . . . . . . . . 3
3.2. Secondary Server . . . . . . . . . . . . . . . . . . . . 3
3.3. Non-authoritative Server . . . . . . . . . . . . . . . . 3
4. Secondary Behaviour . . . . . . . . . . . . . . . . . . . . . 3
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
6. Security Considerations . . . . . . . . . . . . . . . . . . . 4
7. Normative References . . . . . . . . . . . . . . . . . . . . 4
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Reserved Words . . . . . . . . . . . . . . . . . . . . . 2
2. Expire EDNS Option (Query) . . . . . . . . . . . . . . . . . 3
3. Expire EDNS Option (Response) . . . . . . . . . . . . . . . . 3
3.1. Primary Server . . . . . . . . . . . . . . . . . . . . . 3
3.2. Secondary Server . . . . . . . . . . . . . . . . . . . . 3
3.3. Non-authoritative Server . . . . . . . . . . . . . . . . 3
4. Secondary Behaviour . . . . . . . . . . . . . . . . . . . . . 3
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
6. Security Considerations . . . . . . . . . . . . . . . . . . . 4
7. Normative References . . . . . . . . . . . . . . . . . . . . 4
The expire field of a DNS zone's SOA record [RFC1035] is supposed to indicate when a secondary server shall discard the contents of the zone when it has been unable to contact the primary [RFC1034]. Current practice only works when all the secondaries contact the primary directly to perform refresh queries and zone transfers.
DNS区域的SOA记录[RFC1035]的expire字段应该指示当辅助服务器无法联系主服务器[RFC1034]时,何时应丢弃该区域的内容。当前做法仅在所有辅助设备直接与主设备联系以执行刷新查询和区域传输时有效。
While secondaries are expected to be able to, and often are configured to, transfer from other secondaries for robustness reasons as well as reachability constraints, there is no mechanism provided to preserve the expiry behaviour when using a secondary. Instead, secondaries have to know whether they are talking directly to the primary or another secondary and use that to decide whether or not to update the expire timer. This, however, fails to take into account delays in transferring from one secondary to another.
虽然由于健壮性原因以及可达性约束,二级数据库预计能够并且通常配置为从其他二级数据库进行传输,但在使用二级数据库时,没有提供任何机制来保持到期行为。相反,二级用户必须知道他们是直接与主用户还是另一个二级用户通话,并使用该信息来决定是否更新过期计时器。然而,这并没有考虑到从一个中学到另一个中学的传输延迟。
There are also zone-transfer graphs in which the secondary never talks to the primary, so the effective expiry period becomes multiplied by the length of the zone-transfer graph, which is infinite when it contains loops.
还有一些区域转移图,其中次节点从不与主节点对话,因此有效失效期将乘以区域转移图的长度,当包含循环时,区域转移图的长度是无限的。
This document provides a mechanism to preserve the expiry behaviour regardless of what zone-transfer graph is constructed and whether the secondary is talking to the primary or another secondary.
本文档提供了一种机制,无论构造了什么区域传输图,也不管辅助设备是与主设备还是另一个辅助设备通信,都可以保留过期行为。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释。
The EDNS [RFC6891] EXPIRE option has the value <9>. The EDNS EXPIRE option MAY be included on any QUERY, though usually this is only done on SOA, AXFR, and IXFR queries involved in zone maintenance. This is done by adding a zero-length EDNS EXPIRE option to the options field of the OPT record when the query is made.
EDNS[RFC6891]EXPIRE选项的值为<9>。EDNS EXPIRE选项可以包含在任何查询中,尽管通常仅在涉及区域维护的SOA、AXFR和IXFR查询中执行。这是通过在进行查询时向OPT记录的options字段添加一个长度为零的EDNS EXPIRE选项来实现的。
When the query is directed to the primary server for the zone, the response will be an EDNS EXPIRE option of length 4 containing the value of the SOA EXPIRE field, in seconds and network byte order.
当查询被定向到区域的主服务器时,响应将是一个长度为4的EDNS EXPIRE选项,其中包含SOA EXPIRE字段的值(以秒为单位)和网络字节顺序。
When the query is directed to a secondary server for the zone, then the response will be an EDNS EXPIRE option of length 4 containing the value of the expire timer on that server, in seconds and network byte order.
当查询被定向到区域的辅助服务器时,响应将是一个长度为4的EDNS EXPIRE选项,其中包含该服务器上过期计时器的值(以秒为单位)和网络字节顺序。
If an EDNS EXPIRE option is sent to a server that is not authoritative for the zone, it MUST NOT add an EDNS EXPIRE option to the response.
如果将EDNS EXPIRE选项发送到对该区域不具有权威性的服务器,则该服务器不得将EDNS EXPIRE选项添加到响应中。
When a secondary server performs a zone-transfer request or a zone-refresh query, it SHALL add an EDNS EXPIRE option to the query message.
当辅助服务器执行区域传输请求或区域刷新查询时,应在查询消息中添加一个EDNS过期选项。
If a secondary receives an EDNS EXPIRE option in a response to an SOA query, it SHALL update its expire timer to be the maximum of the value returned in the EDNS EXPIRE option and the current timer value. Similarly, if a secondary receives an EDNS EXPIRE option in its response to an IXFR query that indicated the secondary is up to date (serial matches current serial), the secondary SHALL update the expire timer to be the maximum of the value returned in the EDNS EXPIRE option and the current timer value.
如果辅助服务器在对SOA查询的响应中接收到EDNS EXPIRE选项,则应将其EXPIRE timer更新为EDNS EXPIRE选项中返回的值和当前计时器值的最大值。类似地,如果辅助设备在其对IXFR查询的响应中收到EDNS EXIRE选项,该查询指示辅助设备是最新的(串行与当前串行匹配),则辅助设备应将EXIRE定时器更新为EDNS EXIRE选项中返回的值与当前定时器值的最大值。
If the zone is transferred or updated as the result of an AXFR or IXFR query and there is an EDNS EXPIRE option with the response, then the value of the EDNS EXPIRE option SHOULD be used instead of the value of the SOA EXPIRE field to initialise the expire timer.
如果由于AXFR或IXFR查询而传输或更新了区域,并且响应中有一个EDNS EXIRE选项,则应使用EDNS EXIRE选项的值而不是SOA EXIRE字段的值来初始化过期计时器。
In all cases, if the value of the SOA EXPIRE field is less than the value of the EDNS EXPIRE option, then the value of the SOA EXPIRE field MUST be used and MUST be treated as a maximum when updating or initialising the expire timer.
在所有情况下,如果SOA EXPIRE字段的值小于EDNS EXPIRE选项的值,则必须使用SOA EXPIRE字段的值,并且在更新或初始化EXPIRE计时器时必须将其视为最大值。
IANA has assigned an EDNS option code point for the EDNS EXPIRE option specified in Section 2 with "Optional" status in the "DNS EDNS0 Option Codes (OPT)" registry.
IANA已为第2节中指定的EDNS过期选项分配了一个EDNS选项代码点,该选项在“DNS EDNS0选项代码(OPT)”注册表中处于“可选”状态。
The method described in this document ensures that servers that no longer have a connection to the primary server, direct or indirectly, cease serving the zone content when SOA EXPIRE timer is reached. This prevents stale data from being served indefinitely.
本文档中描述的方法可确保不再直接或间接连接到主服务器的服务器在达到SOA过期计时器时停止提供区域内容。这可以防止过时数据被无限期地提供。
The EDNS EXPIRE option exposes how long the secondaries have been out of communication with the primary server. This is not believed to be a problem and may provide some benefit to monitoring systems.
EDNS EXPIRE选项显示辅助服务器与主服务器失去通信的时间。这不被认为是一个问题,并可能为监控系统提供一些好处。
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities", STD 13, RFC 1034, November 1987.
[RFC1034]Mockapetris,P.,“域名-概念和设施”,STD 13,RFC 1034,1987年11月。
[RFC1035] Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, November 1987.
[RFC1035]Mockapetris,P.,“域名-实现和规范”,STD 13,RFC 1035,1987年11月。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC6891] Damas, J., Graff, M., and P. Vixie, "Extension Mechanisms for DNS (EDNS(0))", STD 75, RFC 6891, April 2013.
[RFC6891]Damas,J.,Graff,M.,和P.Vixie,“DNS(EDNS(0))的扩展机制”,STD 75,RFC 6891,2013年4月。
Author's Address
作者地址
Mark P. Andrews Internet Systems Consortium 950 Charter Street Redwood City, CA 94063 US
Mark P.Andrews Internet Systems Consortium 950 Charter Street Redwood City,加利福尼亚州,美国94063
EMail: marka@isc.org
EMail: marka@isc.org