gcoap_dns: implement Max-Age-based TTL calculation

[miri64]

Contribution description

This implements the TTL calculation algorithm that is described in Section 4.3.2 of the current draft.

Testing procedure

tests/gcoap_dns should still compile. DNS caching itself is currently not implemented in tests, but the code should speak for itself.

Issues/PRs references

None

[benpicco]

Since this is still a draft, I might as well give my opinion on it.
I think this is really error-prone. I suppose the original idea was to just carry the DNS message verbatim over CoAP, but now this requires a modification of it.

I further assume that the MAX_AGE option is to allow for CoAP caching - but the way this is specified now requires to modify the DNS message in a weird way - why calculate the sum and not mandate that MAX_AGE and DNS TTL must always match?

Now you have some weird cross-layer dependency where neither of the two values are valid on their own.

[chrysn]

I further assume that the MAX_AGE option is to allow for CoAP caching - but the way this is specified now requires to modify the DNS message in a weird way - why calculate the sum and not mandate that MAX_AGE and DNS TTL must always match?

A DNS response may contain multiple records with different TTLs. (Even though I don't immediately see from this code how it's done in the implementation here).

I think this is really error-prone. I suppose the original idea was to just carry the DNS message verbatim over CoAP, but now this requires a modification.

It is not modifying the message. It is accounting for the fact that what is stated in the message will *still* be true for so-and-so-many seconds to come (which is Max-Age's semantics), and make use of it.

[benpicco]

Thank you for the clarification.
Still I don't see how this doesn't extend the lifetime beyond what the upstream DNS server advertised.

The RECOMMENDED algorithm to assure the requirement for the DoC is to set the Max-Age option of a response to the minimum TTL of a DNS response and to subtract this value from all TTLs of that DNS response.

Sounds like the DNS message should be modified.

[miri64]

I think this is really error-prone. I suppose the original idea was to just carry the DNS message verbatim over CoAP, but now this requires a modification.

The server will not get around manipulating the message. For DNS subscriptions e.g. a complete different message format is used, which is not intended to be used over other transports than DNS over TLS. However, since CoAP supports Observe, we actually want subscriptions.

Additionally, the performance benefits of the solution implemented here are non-negligible:

See also:

• https://datatracker.ietf.org/meeting/interim-2022-core-06/materials/slides-interim-2022-core-06-sessa-dns-queries-over-coap-doc-00.pdf (https://youtu.be/xQwUnqCzm2U?t=2013) on the options how to handle TTL + evaluation results
• https://datatracker.ietf.org/meeting/114/materials/slides-114-core-dns-over-coap-doc-00.pdf (https://youtu.be/rr1LXhbrs7Y?t=5607) on Observe

[miri64]

The server will not get around manipulating the message.

+ in the end we want to use the quite verbose wire format only as a fallback anyway.

[benpicco]

I think it's weird, but apparently this is in the standard now.

[miri64]

but apparently this is in the standard now.

There is no standard yet, just a draft. If that changes, we can always change it here too.

[miri64]

There is no standard yet, just a draft.

i.e. you are also welcome to discuss this either on the core mailing list or in the dedicated GitHub repo