Network Working Group C. Huitema
Internet-Draft Private Octopus Inc.
Intended status: Standards Track S. Dickinson
Expires: January 13, 2022 Sinodun IT
A. Mankin
Salesforce
July 12, 2021
Specification of DNS over Dedicated QUIC Connections
draft-ietf-dprive-dnsoquic-03
Abstract
This document describes the use of QUIC to provide transport privacy
for DNS. The encryption provided by QUIC has similar properties to
that provided by TLS, while QUIC transport eliminates the head-of-
line blocking issues inherent with TCP and provides more efficient
error corrections than UDP. DNS over QUIC (DoQ) has privacy
properties similar to DNS over TLS (DoT) specified in RFC7858, and
latency characteristics similar to classic DNS over UDP.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 13, 2022.
Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Huitema, et al. Expires January 13, 2022 [Page 1]
Internet-Draft DNS over Dedicated QUIC July 2021
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Key Words . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Document work via GitHub . . . . . . . . . . . . . . . . . . 4
4. Design Considerations . . . . . . . . . . . . . . . . . . . . 4
4.1. Provide DNS Privacy . . . . . . . . . . . . . . . . . . . 4
4.2. Design for Minimum Latency . . . . . . . . . . . . . . . 5
4.3. No Specific Middlebox Bypass Mechanism . . . . . . . . . 6
4.4. No Server Initiated Transactions . . . . . . . . . . . . 6
5. Specifications . . . . . . . . . . . . . . . . . . . . . . . 6
5.1. Connection Establishment . . . . . . . . . . . . . . . . 6
5.1.1. Draft Version Identification . . . . . . . . . . . . 6
5.1.2. Port Selection . . . . . . . . . . . . . . . . . . . 6
5.2. Stream Mapping and Usage . . . . . . . . . . . . . . . . 7
5.2.1. DNS Message IDs . . . . . . . . . . . . . . . . . . . 8
5.3. DoQ Error Codes . . . . . . . . . . . . . . . . . . . . . 8
5.3.1. Transaction Errors . . . . . . . . . . . . . . . . . 8
5.3.2. Protocol Errors . . . . . . . . . . . . . . . . . . . 8
5.4. Connection Management . . . . . . . . . . . . . . . . . . 9
5.5. Connection Resume and 0-RTT . . . . . . . . . . . . . . . 10
5.6. Message Sizes . . . . . . . . . . . . . . . . . . . . . . 10
6. Implementation Requirements . . . . . . . . . . . . . . . . . 11
6.1. Authentication . . . . . . . . . . . . . . . . . . . . . 11
6.2. Fall Back to Other Protocols on Connection Failure . . . 11
6.3. Address Validation . . . . . . . . . . . . . . . . . . . 11
6.4. Padding . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.5. Connection Handling . . . . . . . . . . . . . . . . . . . 12
6.5.1. Connection Reuse . . . . . . . . . . . . . . . . . . 12
6.5.2. Resource Management and Idle Timeout Values . . . . . 13
6.6. Processing Queries in Parallel . . . . . . . . . . . . . 13
6.7. Zone transfer . . . . . . . . . . . . . . . . . . . . . . 14
6.8. Flow Control Mechanisms . . . . . . . . . . . . . . . . . 14
7. Implementation Status . . . . . . . . . . . . . . . . . . . . 14
7.1. Performance Measurements . . . . . . . . . . . . . . . . 15
8. Security Considerations . . . . . . . . . . . . . . . . . . . 15
9. Privacy Considerations . . . . . . . . . . . . . . . . . . . 16
9.1. Privacy Issues With 0-RTT data . . . . . . . . . . . . . 16
9.2. Privacy Issues With Session Resume . . . . . . . . . . . 16
9.3. Traffic Analysis . . . . . . . . . . . . . . . . . . . . 17
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17
10.1. Registration of DoQ Identification String . . . . . . . 17
Huitema, et al. Expires January 13, 2022 [Page 2]
Internet-Draft DNS over Dedicated QUIC July 2021
10.2. Reservation of Dedicated Port . . . . . . . . . . . . . 17
10.2.1. Port number 784 for experimentations . . . . . . . . 18
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 19
12.1. Normative References . . . . . . . . . . . . . . . . . . 19
12.2. Informative References . . . . . . . . . . . . . . . . . 20
12.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22
1. Introduction
Domain Name System (DNS) concepts are specified in "Domain names -
concepts and facilities" [RFC1034]. The transmission of DNS queries
and responses over UDP and TCP is specified in "Domain names -
implementation and specification" [RFC1035]. This document presents
a mapping of the DNS protocol over the QUIC transport [RFC9000]
[RFC9001]. DNS over QUIC is referred here as DoQ, in line with "DNS
Terminology" [I-D.ietf-dnsop-rfc8499bis]. The goals of the DoQ
mapping are:
1. Provide the same DNS privacy protection as DNS over TLS (DoT)
[RFC7858]. This includes an option for the client to
authenticate the server by means of an authentication domain name
as specified in "Usage Profiles for DNS over TLS and DNS over
DTLS" [RFC8310].
2. Provide an improved level of source address validation for DNS
servers compared to classic DNS over UDP.
3. Provide a transport that is not constrained by path MTU
limitations on the size of DNS responses it can send.
4. Explore the characteristics of using QUIC as a DNS transport,
versus other solutions like DNS over UDP [RFC1035], DNS over TLS
(DoT) [RFC7858], or DNS over HTTPS (DoH) [RFC8484].
In order to achieve these goals, and to support ongoing work on
encryption of DNS, the scope of this document includes
o the "stub to recursive resolver" scenario
o the "recursive resolver to authoritative nameserver" scenario and
o the "nameserver to nameserver" scenario (mainly used for zone
transfers (XFR) [RFC1995], [RFC5936]).
In other words, this document is intended to specify QUIC as a
general purpose transport for DNS.
Huitema, et al. Expires January 13, 2022 [Page 3]
Internet-Draft DNS over Dedicated QUIC July 2021
The specific non-goals of this document are:
1. No attempt is made to evade potential blocking of DNS over QUIC
traffic by middleboxes.
2. No attempt to support server initiated transactions, which are
used only in DNS Stateful Operations (DSO) [RFC8490].
Specifying the transmission of an application over QUIC requires
specifying how the application's messages are mapped to QUIC streams,
and generally how the application will use QUIC. This is done for
HTTP in "Hypertext Transfer Protocol Version 3
(HTTP/3)"[I-D.ietf-quic-http]. The purpose of this document is to
define the way DNS messages can be transmitted over QUIC.
In this document, Section 4 presents the reasoning that guided the
proposed design. Section 5 specifies the actual mapping of DoQ.
Section 6 presents guidelines on the implementation, usage and
deployment of DoQ.
2. Key Words
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14 [RFC8174].
3. Document work via GitHub
(RFC EDITOR NOTE: THIS SECTION TO BE REMOVED BEFORE PUBLICATION)The
Github repository for this document is at https://github.com/huitema/
dnsoquic. Proposed text and editorial changes are very much welcomed
there, but any functional changes should always first be discussed on
the IETF DPRIVE WG (dns-privacy) mailing list.
4. Design Considerations
This section and its subsections present the design guidelines that
were used for DoQ. This section is informative in nature.
4.1. Provide DNS Privacy
DoT [RFC7858] defines how to mitigate some of the issues described in
"DNS Privacy Considerations" [RFC7626] by specifying how to transmit
DNS messages over TLS. The "Usage Profiles for DNS over TLS and DNS
over DTLS" [RFC8310] specify Strict and Opportunistic Usage Profiles
for DoT including how stub resolvers can authenticate recursive
resolvers.
Huitema, et al. Expires January 13, 2022 [Page 4]
Internet-Draft DNS over Dedicated QUIC July 2021
QUIC connection setup includes the negotiation of security parameters
using TLS, as specified in "Using TLS to Secure QUIC" [RFC9001],
enabling encryption of the QUIC transport. Transmitting DNS messages
over QUIC will provide essentially the same privacy protections as
DoT [RFC7858] including Strict and Opportunistic Usage Profiles
[RFC8310]. Further discussion on this is provided in Section 9.
4.2. Design for Minimum Latency
QUIC is specifically designed to reduce the delay between HTTP
queries and HTTP responses. This is achieved through three main
components:
1. Support for 0-RTT data during session resumption.
2. Support for advanced error recovery procedures as specified in
"QUIC Loss Detection and Congestion Control"
[I-D.ietf-quic-recovery].
3. Mitigation of head-of-line blocking by allowing parallel delivery
of data on multiple streams.
This mapping of DNS to QUIC will take advantage of these features in
three ways:
1. Optional support for sending 0-RTT data during session resumption
(the security and privacy implications of this are discussed in
later sections).
2. Long-lived QUIC connections over which multiple DNS transactions
are performed, generating the sustained traffic required to
benefit from advanced recovery features.
3. Fast resumption of QUIC connections to manage the disconnect-on-
idle feature of QUIC without incurring retransmission time-outs.
4. Mapping of each DNS Query/Response transaction to a separate
stream, to mitigate head-of-line blocking. This enables servers
to respond to queries "out of order". It also enables clients to
process responses as soon as they arrive, without having to wait
for in order delivery of responses previously posted by the
server.
These considerations will be reflected in the mapping of DNS traffic
to QUIC streams in Section 5.2.
Huitema, et al. Expires January 13, 2022 [Page 5]
Internet-Draft DNS over Dedicated QUIC July 2021
4.3. No Specific Middlebox Bypass Mechanism
The mapping of DoQ is defined for minimal overhead and maximum
performance. This means a different traffic profile than HTTP3 over
QUIC. This difference can be noted by firewalls and middleboxes.
There may be environments in which HTTP3 over QUIC will be able to
pass through, but DoQ will be blocked by these middle boxes.
4.4. No Server Initiated Transactions
As stated in Section 1, this document does not specify support for
server initiated transactions. DSO is only applicable for DNS over
TCP and DNS over TLS. DSO is not applicable to DNS over HTTP since
HTTP has its own mechanism for managing sessions, and this is
incompatible with the DSO; the same is true for DoQ.
5. Specifications
5.1. Connection Establishment
DoQ connections are established as described in the QUIC transport
specification [RFC9000]. During connection establishment, DoQ
support is indicated by selecting the ALPN token "doq" in the crypto
handshake.
5.1.1. Draft Version Identification
(RFC EDITOR NOTE: THIS SECTION TO BE REMOVED BEFORE PUBLICATION) Only
implementations of the final, published RFC can identify themselves
as "doq". Until such an RFC exists, implementations MUST NOT
identify themselves using this string.
Implementations of draft versions of the protocol MUST add the string
"-" and the corresponding draft number to the identifier. For
example, draft-ietf-dprive-dnsoquic-00 is identified using the string
"doq-i00".
5.1.2. Port Selection
By default, a DNS server that supports DoQ MUST listen for and accept
QUIC connections on the dedicated UDP port TBD (number to be defined
in Section 10), unless it has mutual agreement with its clients to
use a port other than TBD for DoQ. In order to use a port other than
TBD, both clients and servers would need a configuration option in
their software.
By default, a DNS client desiring to use DoQ with a particular server
MUST establish a QUIC connection to UDP port TBD on the server,
Huitema, et al. Expires January 13, 2022 [Page 6]
Internet-Draft DNS over Dedicated QUIC July 2021
unless it has mutual agreement with its server to use a port other
than port TBD for DoQ. Such another port MUST NOT be port 53. This
recommendation against use of port 53 for DoQ is to avoid confusion
between DoQ and the use of DNS over UDP [RFC1035].
5.2. Stream Mapping and Usage
The mapping of DNS traffic over QUIC streams takes advantage of the
QUIC stream features detailed in Section 2 of the QUIC transport
specification [RFC9000].
DNS traffic follows a simple pattern in which the client sends a
query, and the server provides one or more responses (multiple can
responses occur in zone transfers).
The mapping specified here requires that the client selects a
separate QUIC stream for each query. The server then uses the same
stream to provide all the response messages for that query. In order
that multiple responses can be parsed, a 2-octet length field is used
in exactly the same way as the 2-octet length field defined for DNS
over TCP [RFC1035]. The practical result of this is that the content
of each QUIC stream is exactly the same as the content of a TCP
connection that would manage exactly one query.
All DNS messages (queries and responses) sent over DoQ connections
MUST be encoded as a 2-octet length field followed by the message
content as specified in [RFC1035].
The client MUST select the next available client-initiated
bidirectional stream for each subsequent query on a QUIC connection,
in conformance with the QUIC transport specification [RFC9000].
The client MUST send the DNS query over the selected stream, and MUST
indicate through the STREAM FIN mechanism that no further data will
be sent on that stream.
The server MUST send the response(s) on the same stream and MUST
indicate, after the last response, through the STREAM FIN mechanism
that no further data will be sent on that stream.
Therefore, a single client initiated DNS transaction consumes a
single stream. This means that the client's first query occurs on
QUIC stream 0, the second on 4, and so on.
For completeness it is noted that versions prior to -02 of this
specification proposed a simpler mapping scheme which omitted the 2
byte length field and supported only a single response on a given
stream. The more complex mapping above was adopted to specifically
Huitema, et al. Expires January 13, 2022 [Page 7]
Internet-Draft DNS over Dedicated QUIC July 2021
cater for XFR support, however it breaks compatibility with earlier
versions.
5.2.1. DNS Message IDs
When sending queries over a QUIC connection, the DNS Message ID MUST
be set to zero.
It is noted that this has implications for proxying DoQ message to
other transports in that a mapping of some form must be performed
(e.g., from DoQ connection/stream to unique Message ID).
5.3. DoQ Error Codes
The following error codes are defined for use when abruptly
terminating streams, aborting reading of streams, or immediately
closing connections:
DOQ_NO_ERROR (0x00): No error. This is used when the connection or
stream needs to be closed, but there is no error to signal.
DOQ_INTERNAL_ERROR (0x01): The DoQ implementation encountered an
internal error and is incapable of pursuing the transaction or the
connection.
DOQ_PROTOCOL_ERROR (0x01): The DoQ implementation encountered an
protocol error and is forcibly aborting the connection.
5.3.1. Transaction Errors
Servers normally complete transactions by sending a DNS response (or
responses) on the transaction's stream, including cases where the DNS
response indicates a DNS error. For example, a Server Failure
(SERVFAIL, [RFC1035]) SHOULD be notified to the client by sending
back a response with the Response Code set to SERVFAIL.
If a server is incapable of sending a DNS response due to an internal
error, it may issue a QUIC Stream Reset with error code
DOQ_INTERNAL_ERROR. The corresponding transaction MUST be abandoned.
5.3.2. Protocol Errors
Other error scenarios can occur due to malformed, incomplete or
unexpected messages during a transaction. These include (but are not
limited to)
o a client or server receives a message with a non-zero Message ID
Huitema, et al. Expires January 13, 2022 [Page 8]
Internet-Draft DNS over Dedicated QUIC July 2021
o a client or server receives a STREAM FIN before receiving all the
bytes for a message indicated in the 2-octet length field
o a client receives a STREAM FIN before receiving all the expected
responses
o a server receives more than one query on a stream
o a client receives a different number of responses on a stream than
expected (e.g. multiple responses to a query for an A record)
o an implementation receives a message containing the edns-tcp-
keepalive EDNS(0) Option [RFC7828] (see Section 6.5.2)
o an implementation receives a message containing the EDNS(0)
Padding Option [RFC7830] (see Section 6.4)
If a peer encounters such an error condition it is considered a fatal
error. It SHOULD forcibly abort the connection using QUIC's
CONNECTION_CLOSE mechanism, and use the DoQ error code
DOQ_PROTCOL_ERROR.
It is noted that the restrictions on use of the above EDNS(0) options
has implications for proxying message from TCP/DoT/DoH over DoQ.
5.4. Connection Management
Section 10 of the QUIC transport specification [RFC9000] specifies
that connections can be closed in three ways:
o idle timeout
o immediate close
o stateless reset
Clients and servers implementing DoQ SHOULD negotiate use of the idle
timeout. Closing on idle timeout is done without any packet
exchange, which minimizes protocol overhead. Per section 10.1 of the
QUIC transport specification, the effective value of the idle timeout
is computed as the minimum of the values advertised by the two
endpoints. Practical considerations on setting the idle timeout are
discussed in Section 6.5.2.
Clients SHOULD monitor the idle time incurred on their connection to
the server, defined by the time spent since the last packet from the
server has been received. When a client prepares to send a new DNS
query to the server, it will check whether the idle time is
Huitema, et al. Expires January 13, 2022 [Page 9]
Internet-Draft DNS over Dedicated QUIC July 2021
sufficient lower than the idle timer. If it is, the client will send
the DNS query over the existing connection. If not, the client will
establish a new connection and send the query over that connection.
Clients MAY discard their connection to the server before the idle
timeout expires. If they do that, they SHOULD close the connection
explicitly, using QUIC's CONNECTION_CLOSE mechanism, and use the DoQ
error code DOQ_NO_ERROR.
Clients and servers MAY close the connection for a variety of other
reasons, indicated using QUIC's CONNECTION_CLOSE. Client and servers
that send packets over a connection discarded by their peer MAY
receive a stateless reset indication. If a connection fails, all
queries in progress over the connection MUST be considered failed,
and a Server Failure (SERVFAIL, [RFC1035]) SHOULD be notified to the
initiator of the transaction.
5.5. Connection Resume and 0-RTT
A client MAY take advantage of the connection resume mechanisms
supported by QUIC transport [RFC9000] and QUIC TLS [RFC9001].
Clients SHOULD consider potential privacy issues associated with
session resume before deciding to use this mechanism. These privacy
issues are detailed in Section 9.2.
When resuming a session, a client MAY take advantage of the 0-RTT
mechanism supported by QUIC. The 0-RTT mechanism MUST NOT be used to
send data that is not "replayable" transactions. For example, a
client MAY transmit a Query as 0-RTT, but MUST NOT transmit an
Update.
5.6. Message Sizes
DoQ Queries and Responses are sent on QUIC streams, which in theory
can carry up to 2^62 bytes. However, DNS messages are restricted in
practice to a maximum size of 65535 bytes. This maximum size is
enforced by the use of a two-octet message length field in DNS over
TCP [RFC1035] and DNS over TLS [RFC7858], and by the definition of
the "application/dns-message" for DNS over HTTP [RFC8484]. DoQ
enforces the same restriction.
The flow control mechanisms of QUIC control how much data can be sent
by QUIC nodes at a given time. The initial values of per stream flow
control parameters is defined by two transport parameters:
o initial_max_stream_data_bidi_local: when set by the client,
specifies the amount of data that servers can send on a "response"
stream without waiting for a MAX_STREAM_DATA frame.
Huitema, et al. Expires January 13, 2022 [Page 10]
Internet-Draft DNS over Dedicated QUIC July 2021
o initial_max_stream_data_bidi_remote: when set by the server,
specifies the amount of data that clients can send on a "query"
stream without waiting for a MAX_STREAM_DATA frame.
For better performance, it is RECOMMENDED that clients and servers
set each of these two parameters to a value of 65535 or greater.
The Extension Mechanisms for DNS (EDNS) [RFC6891] allow peers to
specify the UDP message size. This parameter is ignored by DoQ. DoQ
implementations always assume that the maximum message size is 65535
bytes.
6. Implementation Requirements
6.1. Authentication
For the stub to recursive resolver scenario, the authentication
requirements are the same as described in DoT [RFC7858] and "Usage
Profiles for DNS over TLS and DNS over DTLS" [RFC8310]. There is no
need to authenticate the client's identity in either scenario.
For zone transfer, the requirements are the same as described in
[I-D.ietf-dprive-xfr-over-tls].
For the recursive resolver to authoritative nameserver scenario,
authentication requirements are unspecified at the time of writing
and are the subject on ongoing work in the DPRIVE WG.
6.2. Fall Back to Other Protocols on Connection Failure
If the establishment of the DoQ connection fails, clients MAY attempt
to fall back to DoT and then potentially clear text, as specified in
DoT [RFC7858] and "Usage Profiles for DNS over TLS and DNS over DTLS"
[RFC8310], depending on their privacy profile.
DNS clients SHOULD remember server IP addresses that don't support
DoQ, including timeouts, connection refusals, and QUIC handshake
failures, and not request DoQ from them for a reasonable period (such
as one hour per server). DNS clients following an out-of-band key-
pinned privacy profile ([RFC7858]) MAY be more aggressive about
retrying DoQ connection failures.
6.3. Address Validation
Section 8 of the QUIC transport specification [RFC9000] defines
Address Validation procedures to avoid servers being used in address
amplification attacks. DoQ implementations MUST conform to this
Huitema, et al. Expires January 13, 2022 [Page 11]
Internet-Draft DNS over Dedicated QUIC July 2021
specification, which limits the worst case amplification to a factor
3.
DoQ implementations SHOULD consider configuring servers to use the
Address Validation using Retry Packets procedure defined in section
8.1.2 of the QUIC transport specification [RFC9000]). This procedure
imposes a 1-RTT delay for verifying the return routability of the
source address of a client, similar to the DNS Cookies mechanism
[RFC7873].
DoQ implementations that configure Address Validation using Retry
Packets SHOULD implement the Address Validation for Future
Connections procedure defined in section 8.1.3 of the QUIC transport
specification [RFC9000]). This defines how servers can send NEW
TOKEN frames to clients after the client address is validated, in
order to avoid the 1-RTT penalty during subsequent connections by the
client from the same address.
6.4. Padding
There are mechanisms specified for padding individual DNS messages in
"The EDNS(0) Padding Option" [RFC7830] and for padding within QUIC
packets (see Section 8.6 of the QUIC transport specification
[RFC9000]).
Implementations MUST NOT use DNS options for padding individual DNS
messages, because QUIC transport MAY transmit multiple STREAM frames
containing separate DNS messages in a single QUIC packet. Instead,
implementations SHOULD use QUIC PADDING frames to align the packet
length to a small set of fixed sizes, aligned with the
recommendations of the "Padding Policies for Extension Mechanisms for
DNS (EDNS(0))" [RFC8467].
6.5. Connection Handling
"DNS Transport over TCP - Implementation Requirements" [RFC7766]
provides updated guidance on DNS over TCP, some of which is
applicable to DoQ. This section attempts to specify which and how
those considerations apply to DoQ.
6.5.1. Connection Reuse
Historic implementations of DNS clients are known to open and close
TCP connections for each DNS query. To avoid excess QUIC
connections, each with a single query, clients SHOULD reuse a single
QUIC connection to the recursive resolver.
Huitema, et al. Expires January 13, 2022 [Page 12]
Internet-Draft DNS over Dedicated QUIC July 2021
In order to achieve performance on par with UDP, DNS clients SHOULD
send their queries concurrently over the QUIC streams on a QUIC
connection. That is, when a DNS client sends multiple queries to a
server over a QUIC connection, it SHOULD NOT wait for an outstanding
reply before sending the next query.
6.5.2. Resource Management and Idle Timeout Values
Proper management of established and idle connections is important to
the healthy operation of a DNS server. An implementation of DoQ
SHOULD follow best practices similar to those specified for DNS over
TCP [RFC7766], in particular with regard to:
o Concurrent Connections (Section 6.2.2)
o Security Considerations (Section 10)
Failure to do so may lead to resource exhaustion and denial of
service.
Clients that want to maintain long duration DoQ connections SHOULD
use the idle timeout mechanisms defined in Section 10.1 of the QUIC
transport specification [RFC9000]. Clients and servers MUST NOT send
the edns-tcp-keepalive EDNS(0) Option [RFC7828] in any messages sent
on a DoQ connection (because it is specific to the use of TCP/TLS as
a transport).
This document does not make specific recommendations for timeout
values on idle connections. Clients and servers should reuse and/or
close connections depending on the level of available resources.
Timeouts may be longer during periods of low activity and shorter
during periods of high activity.
Clients that are willing to use QUIC's 0-RTT mechanism can
reestablish connections and send transactions on the new connection
with minimal delay overhead. These clients MAY chose low values of
the idle timer.
6.6. Processing Queries in Parallel
As specified in Section 7 of "DNS Transport over TCP - Implementation
Requirements" [RFC7766], resolvers are RECOMMENDED to support the
preparing of responses in parallel and sending them out of order. In
DoQ, they do that by sending responses on their specific stream as
soon as possible, without waiting for availability of responses for
previously opened streams.
Huitema, et al. Expires January 13, 2022 [Page 13]
Internet-Draft DNS over Dedicated QUIC July 2021
6.7. Zone transfer
[I-D.ietf-dprive-xfr-over-tls] specifies zone transfer over TLS (XoT)
and includes updates to [RFC1995] (IXFR), [RFC5936] (AXFR) and
[RFC7766]. Considerations relating to the re-use of XoT connections
described there apply analogously to zone transfers performed using
DoQ connections. For example:
o DoQ servers MUST be able to handle multiple concurrent IXFR
requests on a single QUIC connection
o DoQ servers MUST be able to handle multiple concurrent AXFR
requests on a single QUIC connection
o DoQ implementations SHOULD
* use the same QUIC connection for both AXFR and IXFR requests to
the same primary
* pipeline such requests (if they pipeline XFR requests in
general) and MAY intermingle them
* send the response(s) for each request as soon as they are
available i.e. responses MAY be sent intermingled
6.8. Flow Control Mechanisms
Servers and Clients manage flow control as specified in QUIC.
Servers MAY use the "maximum stream ID" option of the QUIC transport
to limit the number of streams opened by the client. This mechanism
will effectively limit the number of DNS queries that a client can
send on a single DoQ connection.
7. Implementation Status
(RFC EDITOR NOTE: THIS SECTION TO BE REMOVED BEFORE PUBLICATION) This
section records the status of known implementations of the protocol
defined by this specification at the time of posting of this
Internet-Draft, and is based on a proposal described in [RFC7942].
1. AdGuard launched a DoQ recursive resolver service in December
2020. They have released a suite of open source tools that
support DoQ:
1. AdGuard C++ DNS libraries [1] A DNS proxy library that
supports all existing DNS protocols including DNS-over-TLS,
DNS-over-HTTPS, DNSCrypt and DNS-over-QUIC (experimental).
Huitema, et al. Expires January 13, 2022 [Page 14]
Internet-Draft DNS over Dedicated QUIC July 2021
2. DNS Proxy [2] A simple DNS proxy server that supports all
existing DNS protocols including DNS-over-TLS, DNS-over-
HTTPS, DNSCrypt, and DNS-over-QUIC. Moreover, it can work as
a DNS-over-HTTPS, DNS-over-TLS or DNS-over-QUIC server.
3. CoreDNS fork for AdGuard DNS [3] Includes DNS-over-QUIC
server-side support.
4. dnslookup [4] Simple command line utility to make DNS
lookups. Supports all known DNS protocols: plain DNS, DoH,
DoT, DoQ, DNSCrypt.
2. Quicdoq [5] Quicdoq is a simple open source implementation of
DoQ. It is written in C, based on Picoquic [6].
3. Flamethrower [7] is an open source DNS performance and functional
testing utility written in C++ that has an experimental
implementation of DoQ.
4. aioquic [8] is an implementation of QUIC in Python. It includes
example client and server for DoQ.
7.1. Performance Measurements
To our knowledge, no benchmarking studies comparing DoT, DoH and DoQ
are published yet. However anecdotal evidence from the AdGuard DoQ
recursive resolver deployment [9] indicates that it performs well
compared to the other encrypted protocols, particularly in mobile
environments. Reasons given for this include that DoQ
o Uses less bandwidth due to a more efficient handshake (and due to
less per message overhead when compared to DoH).
o Performs better in mobile environments due to the increased
resilience to packet loss
o Can maintain connections as users move between mobile networks via
its connection management
8. Security Considerations
The security considerations of DoQ should be comparable to those of
DoT [RFC7858].
Huitema, et al. Expires January 13, 2022 [Page 15]
Internet-Draft DNS over Dedicated QUIC July 2021
9. Privacy Considerations
The general considerations of encrypted transports provided in "DNS
Privacy Considerations" [I-D.ietf-dprive-rfc7626-bis] apply to DoQ.
The specific considerations provided there do not differ between DoT
and DoQ, and are not discussed further here.
QUIC incorporates the mechanisms of TLS 1.3 [RFC8446] and this
enables QUIC transmission of "0-RTT" data. This can provide
interesting latency gains, but it raises two concerns:
1. Adversaries could replay the 0-RTT data and infer its content
from the behavior of the receiving server.
2. The 0-RTT mechanism relies on TLS resume, which can provide
linkability between successive client sessions.
These issues are developed in Section 9.1 and Section 9.2.
9.1. Privacy Issues With 0-RTT data
The 0-RTT data can be replayed by adversaries. That data may trigger
queries by a recursive resolver to authoritative resolvers.
Adversaries may be able to pick a time at which the recursive
resolver outgoing traffic is observable, and thus find out what name
was queried for in the 0-RTT data.
This risk is in fact a subset of the general problem of observing the
behavior of the recursive resolver discussed in "DNS Privacy
Considerations" [RFC7626]. The attack is partially mitigated by
reducing the observability of this traffic. However, the risk is
amplified for 0-RTT data, because the attacker might replay it at
chosen times, several times.
The recommendation for TLS 1.3 [RFC8446] is that the capability to
use 0-RTT data should be turned off by default, and only enabled if
the user clearly understands the associated risks.
QUESTION: Should 0-RTT only be used with Opportunistic profiles (i.e.
disabled by default for Strict only)?
9.2. Privacy Issues With Session Resume
The QUIC session resume mechanism reduces the cost of re-establishing
sessions and enables 0-RTT data. There is a linkability issue
associated with session resume, if the same resume token is used
several times, but this risk is mitigated by the mechanisms
incorporated in QUIC and in TLS 1.3. With these mechanisms, clients
Huitema, et al. Expires January 13, 2022 [Page 16]
Internet-Draft DNS over Dedicated QUIC July 2021
and servers can cooperate to avoid linkability by third parties.
However, the server will always be able to link the resumed session
to the initial session. This creates a virtual long duration
session. The series of queries in that session can be used by the
server to identify the client.
Enabling the server to link client sessions through session resume is
probably not a large additional risk if the client's connectivity did
not change between the sessions, since the two sessions can probably
be correlated by comparing the IP addresses. On the other hand, if
the addresses did change, the client SHOULD consider whether the
linkability risk exceeds the performance benefits. This evaluation
will obviously depend on the level of trust between client and
server.
9.3. Traffic Analysis
Even though QUIC packets are encrypted, adversaries can gain
information from observing packet lengths, in both queries and
responses, as well as packet timing. Many DNS requests are emitted
by web browsers. Loading a specific web page may require resolving
dozen of DNS names. If an application adopts a simple mapping of one
query or response per packet, or "one QUIC STREAM frame per packet",
then the succession of packet lengths may provide enough information
to identify the requested site.
Implementations SHOULD use the mechanisms defined in Section 6.4 to
mitigate this attack.
10. IANA Considerations
10.1. Registration of DoQ Identification String
This document creates a new registration for the identification of
DoQ in the "Application Layer Protocol Negotiation (ALPN) Protocol
IDs" registry [RFC7301].
The "doq" string identifies DoQ:
Protocol: DoQ
Identification Sequence: 0x64 0x6F 0x71 ("doq")
Specification: This document
10.2. Reservation of Dedicated Port
Port 853 is currently reserved for 'DNS query-response protocol run
over TLS/DTLS' [RFC7858]. However, the specification for DNS over
DTLS (DoD) [RFC8094] is experimental, limited to stub to resolver,
Huitema, et al. Expires January 13, 2022 [Page 17]
Internet-Draft DNS over Dedicated QUIC July 2021
and no implementations or deployments currently exist to our
knowledge (even though several years have passed since the
specification was published).
This specification proposes to additionally reserve the use of port
853 for DoQ. Whilst [RFC8094] did not specify the use of an ALPN for
DoD, DoQ requires the use of the "doq" ALPN and is therefore de-
muxable from DoD.
IANA is requested to add the following value to the "Service Name and
Transport Protocol Port Number Registry" in the System Range. The
registry for that range requires IETF Review or IESG Approval
[RFC6335].
Service Name dns-over-quic
Port Number 853
Transport Protocol(s) UDP
Assignee IESG
Contact IETF Chair
Description DNS query-response protocol run over QUIC
Reference This document
10.2.1. Port number 784 for experimentations
(RFC EDITOR NOTE: THIS SECTION TO BE REMOVED BEFORE PUBLICATION)
Early experiments MAY use port 784. This port is marked in the IANA
registry as unassigned.
(Note that version in -02 of this draft experiments were directed to
use port 8853.)
11. Acknowledgements
This document liberally borrows text from the HTTP-3 specification
[I-D.ietf-quic-http] edited by Mike Bishop, and from the DoT
specification [RFC7858] authored by Zi Hu, Liang Zhu, John Heidemann,
Allison Mankin, Duane Wessels, and Paul Hoffman.
The privacy issue with 0-RTT data and session resume were analyzed by
Daniel Kahn Gillmor (DKG) in a message to the IETF "DPRIVE" working
group [DNS0RTT].
Thanks to Tony Finch for an extensive review of the initial version
of this draft. Reviews by Paul Hoffman and interoperability tests
conducted by Stephane Bortzmeyer helped improve the definition of the
protocol.
Huitema, et al. Expires January 13, 2022 [Page 18]
Internet-Draft DNS over Dedicated QUIC July 2021
12. References
12.1. Normative References
[I-D.ietf-dnsop-rfc8499bis]
Hoffman, P. and K. Fujiwara, "DNS Terminology", draft-
ietf-dnsop-rfc8499bis-02 (work in progress), June 2021.
[I-D.ietf-dprive-xfr-over-tls]
Toorop, W., Dickinson, S., Sahib, S., Aras, P., and A.
Mankin, "DNS Zone Transfer-over-TLS", draft-ietf-dprive-
xfr-over-tls-12 (work in progress), May 2021.
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987,
<https://www.rfc-editor.org/info/rfc1034>.
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
November 1987, <https://www.rfc-editor.org/info/rfc1035>.
[RFC1995] Ohta, M., "Incremental Zone Transfer in DNS", RFC 1995,
DOI 10.17487/RFC1995, August 1996,
<https://www.rfc-editor.org/info/rfc1995>.
[RFC5936] Lewis, E. and A. Hoenes, Ed., "DNS Zone Transfer Protocol
(AXFR)", RFC 5936, DOI 10.17487/RFC5936, June 2010,
<https://www.rfc-editor.org/info/rfc5936>.
[RFC6891] Damas, J., Graff, M., and P. Vixie, "Extension Mechanisms
for DNS (EDNS(0))", STD 75, RFC 6891,
DOI 10.17487/RFC6891, April 2013,
<https://www.rfc-editor.org/info/rfc6891>.
[RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan,
"Transport Layer Security (TLS) Application-Layer Protocol
Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301,
July 2014, <https://www.rfc-editor.org/info/rfc7301>.
[RFC7766] Dickinson, J., Dickinson, S., Bellis, R., Mankin, A., and
D. Wessels, "DNS Transport over TCP - Implementation
Requirements", RFC 7766, DOI 10.17487/RFC7766, March 2016,
<https://www.rfc-editor.org/info/rfc7766>.
[RFC7828] Wouters, P., Abley, J., Dickinson, S., and R. Bellis, "The
edns-tcp-keepalive EDNS0 Option", RFC 7828,
DOI 10.17487/RFC7828, April 2016,
<https://www.rfc-editor.org/info/rfc7828>.
Huitema, et al. Expires January 13, 2022 [Page 19]
Internet-Draft DNS over Dedicated QUIC July 2021
[RFC7830] Mayrhofer, A., "The EDNS(0) Padding Option", RFC 7830,
DOI 10.17487/RFC7830, May 2016,
<https://www.rfc-editor.org/info/rfc7830>.
[RFC7858] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D.,
and P. Hoffman, "Specification for DNS over Transport
Layer Security (TLS)", RFC 7858, DOI 10.17487/RFC7858, May
2016, <https://www.rfc-editor.org/info/rfc7858>.
[RFC7873] Eastlake 3rd, D. and M. Andrews, "Domain Name System (DNS)
Cookies", RFC 7873, DOI 10.17487/RFC7873, May 2016,
<https://www.rfc-editor.org/info/rfc7873>.
[RFC8094] Reddy, T., Wing, D., and P. Patil, "DNS over Datagram
Transport Layer Security (DTLS)", RFC 8094,
DOI 10.17487/RFC8094, February 2017,
<https://www.rfc-editor.org/info/rfc8094>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8310] Dickinson, S., Gillmor, D., and T. Reddy, "Usage Profiles
for DNS over TLS and DNS over DTLS", RFC 8310,
DOI 10.17487/RFC8310, March 2018,
<https://www.rfc-editor.org/info/rfc8310>.
[RFC8484] Hoffman, P. and P. McManus, "DNS Queries over HTTPS
(DoH)", RFC 8484, DOI 10.17487/RFC8484, October 2018,
<https://www.rfc-editor.org/info/rfc8484>.
[RFC9000] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
Multiplexed and Secure Transport", RFC 9000,
DOI 10.17487/RFC9000, May 2021,
<https://www.rfc-editor.org/info/rfc9000>.
[RFC9001] Thomson, M., Ed. and S. Turner, Ed., "Using TLS to Secure
QUIC", RFC 9001, DOI 10.17487/RFC9001, May 2021,
<https://www.rfc-editor.org/info/rfc9001>.
12.2. Informative References
[DNS0RTT] Kahn Gillmor, D., "DNS + 0-RTT", Message to DNS-Privacy WG
mailing list, April 2016, <https://www.ietf.org/mail-
archive/web/dns-privacy/current/msg01276.html>.
Huitema, et al. Expires January 13, 2022 [Page 20]
Internet-Draft DNS over Dedicated QUIC July 2021
[I-D.ietf-dprive-rfc7626-bis]
Wicinski, T., "DNS Privacy Considerations", draft-ietf-
dprive-rfc7626-bis-09 (work in progress), March 2021.
[I-D.ietf-quic-http]
Bishop, M., "Hypertext Transfer Protocol Version 3
(HTTP/3)", draft-ietf-quic-http-34 (work in progress),
February 2021.
[I-D.ietf-quic-recovery]
Iyengar, J. and I. Swett, "QUIC Loss Detection and
Congestion Control", draft-ietf-quic-recovery-34 (work in
progress), January 2021.
[RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S.
Cheshire, "Internet Assigned Numbers Authority (IANA)
Procedures for the Management of the Service Name and
Transport Protocol Port Number Registry", BCP 165,
RFC 6335, DOI 10.17487/RFC6335, August 2011,
<https://www.rfc-editor.org/info/rfc6335>.
[RFC7626] Bortzmeyer, S., "DNS Privacy Considerations", RFC 7626,
DOI 10.17487/RFC7626, August 2015,
<https://www.rfc-editor.org/info/rfc7626>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>.
[RFC8467] Mayrhofer, A., "Padding Policies for Extension Mechanisms
for DNS (EDNS(0))", RFC 8467, DOI 10.17487/RFC8467,
October 2018, <https://www.rfc-editor.org/info/rfc8467>.
[RFC8490] Bellis, R., Cheshire, S., Dickinson, J., Dickinson, S.,
Lemon, T., and T. Pusateri, "DNS Stateful Operations",
RFC 8490, DOI 10.17487/RFC8490, March 2019,
<https://www.rfc-editor.org/info/rfc8490>.
12.3. URIs
[1] https://github.com/AdguardTeam/DnsLibs
[2] https://github.com/AdguardTeam/dnsproxy
Huitema, et al. Expires January 13, 2022 [Page 21]
Internet-Draft DNS over Dedicated QUIC July 2021
[3] https://github.com/AdguardTeam/coredns
[4] https://github.com/ameshkov/dnslookup
[5] https://github.com/private-octopus/quicdoq
[6] https://github.com/private-octopus/picoquic
[7] https://github.com/DNS-OARC/flamethrower/tree/dns-over-quic
[8] https://github.com/aiortc/aioquic
[9] https://adguard.com/en/blog/dns-over-quic.html
Authors' Addresses
Christian Huitema
Private Octopus Inc.
427 Golfcourse Rd
Friday Harbor WA 98250
U.S.A
Email: huitema@huitema.net
Sara Dickinson
Sinodun IT
Oxford Science Park
Oxford OX4 4GA
U.K.
Email: sara@sinodun.com
Allison Mankin
Salesforce
Email: allison.mankin@gmail.com
Huitema, et al. Expires January 13, 2022 [Page 22]
