Internet-Draft Additional; Glue December 2021
Hoffman & van Dijk Expires 16 June 2022 [Page]
Workgroup:
Network Working Group
Internet-Draft:
draft-pp-additional-contents-01
Published:
Intended Status:
Informational
Expires:
Authors:
P. Hoffman
ICANN
P. van Dijk
PowerDNS

The Additional Section and Glue in DNS Responses

Abstract

Implementers have recently expressed different views on what can appear in the Additional section in DNS responses. Proposals for adding functionality to the DNS protocol that rely on non-glue records in the Additional section rely on having a common understanding of the semantics of the Additional section.

This document restates what has been said in other DNS standards, and does not update any of them.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 16 June 2022.

Table of Contents

1. Introduction

RFC 1034 [DNS-CONCEPTS], RFC 1035 [DNS-BASE], and RFC 2181 [DNS-CLARIFICATIONS] are the basis for understanding the DNS protocol and message format. One important part of the message format is what record types can appear in each section of DNS responses, and the semantics of the presence or absence of those record types in each section. This document focuses on the contents of the Additional section in DNS responses.

This document explicitly does not update [DNS-CONCEPTS], [DNS-BASE], [DNS-CLARIFICATIONS], or any other document.

2. Purpose of the Additional Section

When describing what each section holds, Section 3.7 of [DNS-CONCEPTS] says:

When describing the algorithm for putting together a DNS response, Section 4.3.2 of [DNS-CONCEPTS] says:

When describing what each section holds, Section 4.1 of [DNS-BASE] says:

and that it:

3. Glue

Section 4.2.1 of [DNS-CONCEPTS] says:

and

Section 5.4.1 of [DNS-CLARIFICATIONS] says:

4. DNSSEC

RFC 4035 [DNSSEC] discusses the inclusion of DNSSEC signatures on data in the Additional section. Section 3.1.1 says:

5. Conclusions

The foundational documents for the DNS did not place any restriction on what additional information might appear in the Additional section of DNS replies. If they had, the widely used extension mechanism in RFC 6891 [DNS-EXTENSIONS] would not be possible.

Glue records are addresses for name servers. These records can (and almost always do) appear in the Additional section of responses that are delegations. Non-address records that appear in the Additional section are not considered glue as that term is used in existing RFCs.

It is both acceptable and common for RRSIG RRs to appear in the Additional section of responses.

New protocols can specify that non-address resource records can appear in the Additional section of responses. They can define the semantics of the presence or absence of those non-address records.

6. IANA Considerations

This document does not create any new IANA considerations.

7. Security Considerations

This document does not create any new security considerations.

8. Informative References

[DNS-BASE]
Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, , <https://www.rfc-editor.org/info/rfc1035>.
[DNS-CLARIFICATIONS]
Elz, R. and R. Bush, "Clarifications to the DNS Specification", RFC 2181, DOI 10.17487/RFC2181, , <https://www.rfc-editor.org/info/rfc2181>.
[DNS-CONCEPTS]
Mockapetris, P., "Domain names - concepts and facilities", STD 13, RFC 1034, DOI 10.17487/RFC1034, , <https://www.rfc-editor.org/info/rfc1034>.
[DNS-EXTENSIONS]
Damas, J., Graff, M., and P. Vixie, "Extension Mechanisms for DNS (EDNS(0))", STD 75, RFC 6891, DOI 10.17487/RFC6891, , <https://www.rfc-editor.org/info/rfc6891>.
[DNSSEC]
Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, "Protocol Modifications for the DNS Security Extensions", RFC 4035, DOI 10.17487/RFC4035, , <https://www.rfc-editor.org/info/rfc4035>.

Authors' Addresses

Paul Hoffman
ICANN
Peter van Dijk
PowerDNS

mirror server hosted at Truenetwork, Russian Federation.