weixin_39598796
weixin_39598796
2020-12-02 16:02

Please review the Test Specification under "Connectivity"

该提问来源于开源项目:zonemaster/zonemaster

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

14条回答

  • weixin_39598796 weixin_39598796 5月前

    It is true that there are different tests that may not be necessary. But the idea between me and Patrik was that we write the test specifications and then discuss later whether to keep it or remove it.

    But in the case of Bogon prefixes it seems not to be the case. Other than IANATeam cymru also recommends this test.

    On 4 February 2014 12:09, Calle Dybedahl notifications.com wrote:

    In connectivity03, the requirement to keep track of IANA assignment of address space to RIRs only affects IPv6 (since all IPv4 is already assigned). Is it really worth the effort to keep this check up-to-date (possibly requiring running a separate lookup service), given how rare the problem is likely to be?

    Reply to this email directly or view it on GitHubhttps://github.com/dotse/new-dnscheck/issues/12#issuecomment-34049743 .

    点赞 评论 复制链接分享
  • weixin_39598796 weixin_39598796 5月前

    As mentioned earlier, the idea is to reproduce the test spec for all test cases in ZC and DC. Whether to have this tests or remove it could be done if we have a consensus.

    On 4 February 2014 12:14, Calle Dybedahl notifications.com wrote:

    The Internet is a much more complex place today than it was in 1997 when RFC2182 was written, and the requirements in Connectivity04 are more controversial than one might first think. The current spec is good enough as a starting point, but we will almost certainly have to come back to this one and refine it.

    Reply to this email directly or view it on GitHubhttps://github.com/dotse/new-dnscheck/issues/12#issuecomment-34050105 .

    点赞 评论 复制链接分享
  • weixin_39540020 weixin_39540020 5月前

    I don't think Connectivity01 is specific enough as currently written. As it is now, a valid interpretation is "Look up the addresses for the FQDN, arbitrarily chose one, send a query to it, if that query returns and answer the test passes, if not it fails". I really wish to avoid this kind of arbitrariness in the specifications. Adding similar wording that you have in your comment ("If the FQDN has multiple addresses, the test passes if at least one of those addresses gives a response") would be much better, since it is not arbitrary.

    In general, I'm quite sure that things will be simpler in the long run if we decide that "a nameserver" is defined by an IP address rather than a name, but that is perhaps a separate discussion.

    点赞 评论 复制链接分享
  • weixin_39540020 weixin_39540020 5月前

    For the "bogon prefix" test, can we at least say that the "Is the IP range delegated to a RIR?" test need only be performed for IPv6 addresses, given that there are no non-delegated IPv4 ranges? I do see the point of keeping spec from the old tools, but there is also something to be said for not cluttering the new specifications with tests that are impossible to fail.

    点赞 评论 复制链接分享
  • weixin_39598796 weixin_39598796 5月前

    Agreed and updated for connectivity 01 & 02.

    On 5 February 2014 09:52, Calle Dybedahl notifications.com wrote:

    I don't think Connectivity01 is specific enough as currently written. As it is now, a valid interpretation is "Look up the addresses for the FQDN, arbitrarily chose one, send a query to it, if that query returns and answer the test passes, if not it fails". I really wish to avoid this kind of arbitrariness in the specifications. Adding similar wording that you have in your comment ("If the FQDN has multiple addresses, the test passes if at least one of those addresses gives a response") would be much better, since it is not arbitrary.

    In general, I'm quite sure that things will be simpler in the long run if we decide that "a nameserver" is defined by an IP address rather than a name, but that is perhaps a separate discussion.

    Reply to this email directly or view it on GitHubhttps://github.com/dotse/new-dnscheck/issues/12#issuecomment-34147473 .

    点赞 评论 复制链接分享
  • weixin_39598796 weixin_39598796 5月前

    I do not have a strong view on this. Will discuss with Stephane and Patrik and if they agree, we can remove this test

    On 5 February 2014 09:54, Calle Dybedahl notifications.com wrote:

    For the "bogon prefix" test, can we at least say that the "Is the IP range delegated to a RIR?" test need only be performed for IPv6 addresses, given that there are no non-delegated IPv4 ranges? I do see the point of keeping spec from the old tools, but there is also something to be said for not cluttering the new specifications with tests that are impossible to fail.

    Reply to this email directly or view it on GitHubhttps://github.com/dotse/new-dnscheck/issues/12#issuecomment-34147635 .

    点赞 评论 复制链接分享
  • weixin_39526415 weixin_39526415 5月前

    I think it would be wise to have the domain name as the input for most test cases - and then write the detailed actions on how to reach the outcome of the test. The problem with the wording in connectivity02 is that somehow the addresses of the "authoritative name servers" are fed to the test. I suggest that we write exactly how we collect the set of name servers and its corresponding addresses in the ordered description of the test.

    点赞 评论 复制链接分享
  • weixin_39598796 weixin_39598796 5月前

    Updated connectivity01.md. I would like to proceed for correcting others tests once the wording in this test is OK.

    点赞 评论 复制链接分享
  • weixin_39540020 weixin_39540020 5月前

    Connectivity01 leaves translation from nameserver fqdn to IP addresses implicit, making it unclear if "all authoritative nameservers" means one address per fqdn, all addresses for all fqdns or some other combination.

    点赞 评论 复制链接分享
  • weixin_39540020 weixin_39540020 5月前

    Connectivity02 has the same problem as Connectivity01.

    点赞 评论 复制链接分享
  • weixin_39540020 weixin_39540020 5月前

    In connectivity03, the requirement to keep track of IANA assignment of address space to RIRs only affects IPv6 (since all IPv4 is already assigned). Is it really worth the effort to keep this check up-to-date (possibly requiring running a separate lookup service), given how rare the problem is likely to be?

    点赞 评论 复制链接分享
  • weixin_39540020 weixin_39540020 5月前

    The Internet is a much more complex place today than it was in 1997 when RFC2182 was written, and the requirements in Connectivity04, Connectivity05 and Connectivity06 are more controversial than one might first think. The current spec is good enough as a starting point, but we will almost certainly have to come back to this one and refine it.

    点赞 评论 复制链接分享
  • weixin_39598796 weixin_39598796 5月前

    The input here is FQDN of the authoritative name servers. If a single name server has multiple IP addresses, the test succeeds with at least one of the IP address being resolved over UDP. If you think that it is not explicit enough in "Ordered description of the test cases" i will rewrite it.

    On 4 February 2014 12:00, Calle Dybedahl notifications.com wrote:

    Connectivity01 leaves translation from nameserver fqdn to IP addresses implicit, making it unclear if "all authoritative nameservers" means one address per fqdn, all addresses for all fqdns or some other combination.

    Reply to this email directly or view it on GitHubhttps://github.com/dotse/new-dnscheck/issues/12#issuecomment-34049157 .

    点赞 评论 复制链接分享
  • weixin_39598796 weixin_39598796 5月前

    Same answer as previous

    On 4 February 2014 12:01, Calle Dybedahl notifications.com wrote:

    Connectivity02 has the same problem as Connectivity01.

    Reply to this email directly or view it on GitHubhttps://github.com/dotse/new-dnscheck/issues/12#issuecomment-34049228 .

    点赞 评论 复制链接分享

相关推荐