DNS Name Server Identifier (NSID) Option
RFC 5001
Document Type RFC - Proposed Standard (August 2007; No errata)
Author Rob Austein 
Last updated 2015-10-14
Replaces draft-austein-dnsext-nsid
Stream IETF
Formats plain text html pdf htmlized bibtex
Reviews
SECDIR Early Review
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 5001 (Proposed Standard)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Mark Townsley
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                         R. Austein
Request for Comments: 5001                                           ISC
Category: Standards Track                                    August 2007

                DNS Name Server Identifier (NSID) Option

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   With the increased use of DNS anycast, load balancing, and other
   mechanisms allowing more than one DNS name server to share a single
   IP address, it is sometimes difficult to tell which of a pool of name
   servers has answered a particular query.  While existing ad-hoc
   mechanisms allow an operator to send follow-up queries when it is
   necessary to debug such a configuration, the only completely reliable
   way to obtain the identity of the name server that responded is to
   have the name server include this information in the response itself.
   This note defines a protocol extension to support this functionality.

Austein                     Standards Track                     [Page 1]
RFC 5001                        DNS NSID                     August 2007

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.1.  Reserved Words . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . .  3
     2.1.  Resolver Behavior  . . . . . . . . . . . . . . . . . . . .  3
     2.2.  Name Server Behavior . . . . . . . . . . . . . . . . . . .  3
     2.3.  The NSID Option  . . . . . . . . . . . . . . . . . . . . .  4
     2.4.  Presentation Format  . . . . . . . . . . . . . . . . . . .  4
   3.  Discussion . . . . . . . . . . . . . . . . . . . . . . . . . .  4
     3.1.  The NSID Payload . . . . . . . . . . . . . . . . . . . . .  4
     3.2.  NSID Is Not Transitive . . . . . . . . . . . . . . . . . .  7
     3.3.  User Interface Issues  . . . . . . . . . . . . . . . . . .  7
     3.4.  Truncation . . . . . . . . . . . . . . . . . . . . . . . .  8
   4.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  8
   5.  Security Considerations  . . . . . . . . . . . . . . . . . . .  9
   6.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . .  9
   7.  References . . . . . . . . . . . . . . . . . . . . . . . . . .  9
     7.1.  Normative References . . . . . . . . . . . . . . . . . . .  9
     7.2.  Informative References . . . . . . . . . . . . . . . . . . 10

1.  Introduction

   With the increased use of DNS anycast, load balancing, and other
   mechanisms allowing more than one DNS name server to share a single
   IP address, it is sometimes difficult to tell which of a pool of name
   servers has answered a particular query.

   Existing ad-hoc mechanisms allow an operator to send follow-up
   queries when it is necessary to debug such a configuration, but there
   are situations in which this is not a totally satisfactory solution,
   since anycast routing may have changed, or the server pool in
   question may be behind some kind of extremely dynamic load balancing
   hardware.  Thus, while these ad-hoc mechanisms are certainly better
   than nothing (and have the advantage of already being deployed), a
   better solution seems desirable.

   Given that a DNS query is an idempotent operation with no retained
   state, it would appear that the only completely reliable way to
   obtain the identity of the name server that responded to a particular
   query is to have that name server include identifying information in
   the response itself.  This note defines a protocol enhancement to
   achieve this.

Austein                     Standards Track                     [Page 2]
RFC 5001                        DNS NSID                     August 2007

1.1.  Reserved Words

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.  Protocol

   This note uses an EDNS [RFC2671] option to signal the resolver's
   desire for information identifying the name server and to hold the
   name server's response, if any.

2.1.  Resolver Behavior

   A resolver signals its desire for information identifying a name
   server by sending an empty NSID option (Section 2.3) in an EDNS OPT
   pseudo-RR in the query message.

   The resolver MUST NOT include any NSID payload data in the query
   message.

   The semantics of an NSID request are not transitive.  That is: the
   presence of an NSID option in a query is a request that the name
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools