(Huge apologies in advance for any and all names I completely
mangle!  check http://nanog.multiply.com/ to see names/faces
correctly handled by Ren.  ^_^; )

Matt


2006.02.13, talk 3
NTT labs, (Steve Feldman apologizes for mangling the
pronnounciation of their names).

NTT information sharing platform labs
(didn't get names/info from opening slide)

Outline
Expect increase in number of DNS queries this year
Discussion
 effect on cache server load and user response time
 how can we decrease number of unnecessary queries?

Today's topic
we focus on increase in number of queries between users
and cache servers caused by
 IPv6 support
  number of 4A queries same as that of A queries
 domain name completion function
  DN completion by OS
  DN completion by application

IPv6 enabled OS increases 4A queries
 Vista will be v6 enbled by default

IPv6 and OS resolver
IPv6 enabled OS sends 4A queries for every name resolution
BSD/Windows
  Sends both A and 4A queries for every name resolution
   currently no way to disable one or the other

Domain Name Completion
 when a name resolution fails, both OS and APP automatically
 try different prefix/suffix completions.

OS using these domains to complete:
 FreeBSD: specified by "search" in /etc/resolv.conf,
  distributed by DHCP
 Windows: configured in control panel, distributed by
  DHCP
 Applications:
  Mozilla: retries with www domain prefix
  IE searches domain using MSN search and then retries
   name resolutions for domains by adding .com, .org,
   .net, .edu.

Convenient for user, perhaps, hard on nameservers.

Combination in FreeBSD
completions are different depending on OS
FreeBSD
 tried domain completions for A and 4A for each case.
Windows tries all 4A records first, THEN tries all A
 records.

So IPv6 queries in Windows means even if there's an
A record in v4 space, it exhausts ALL 4A possibilities
FIRST, before going back to get A record.

Longhorn/Vista
IPv6 default enabled
 ALWAYS tries 4A queries first!

IE7 plus Vista results in 12 DNS queries per user click,
best case.
Worst case, one user click results in 40 DNS queries!!

Slide showing projected impact based on historical
data plus projected Vista deployment.
Right now, 4A queries only about 5% of queries.
After Vista, size of increase could dwarf rest of
DNS queries.

Release of Windows Vista (IPv6 by default)
 doubles at least the number of user queries
 causes more queries in domain name completions and domain
  search sequences

Operators
 cache servers should be prepared for those increases

 stop domain distribution to users by DHCP or PPPoE
Developers of OS
 is current search order of resolvers appropriate?
  eg should "A" record be resolved before domain completion.

Ed from Neustar, at microphone: before we consider this
a problem, consider from point of application provider;
when you need a name, you don't know what transport you
may have underneath; if you wait for NXDomain, you
increase latency, so app developers generally send all
queries at once.
What about changing DNS to allow asking for multiple
questions at once?
Changing application behaviour isn't likely to happen,
and changing protocols isn't easy; so why not just
beef up the infrastructure to handle it?

Joel Yagli, UofOregon; do you know how many of those
queries will need to fail over from UDP to TCP due to
responses being too large to fit into a single UDP
response?
Most of the responses coming back don't have data, so
they don't need to go to TCP.

Tony Bates--what happens when v6 record is returned
as valid; does the chain stop there?
Also, if you flip to return A record first, we'll
never to move to v6.  We NEED to start resolving v6
records first, to help move the 'Net off IPv4.

Applause, on to next talk.