Internet DRAFT - draft-pchowdaiah-prefetch-dns-query-over-http

draft-pchowdaiah-prefetch-dns-query-over-http



 



INTERNET-DRAFT                                               P.Chowdaiah
Intended Status: Experimental                          (ariksh software)
Expires: March 29, 2019                               September 25, 2018


        Method to pre-fetch Domain Names at HTTP Proxy Servers 
            draft-pchowdaiah-prefetch-dns-query-over-http-00


Abstract

   This specification offers an approach for augmenting domain name
   resolution times by intercepting HTTP responses at HTTP Proxy servers
   and triggering DNS queries to the servers in lieu of user requests
   and returning responses without an explicit requests from clients.
   This functionality can be achieved by multiple approaches at HTTP and
   Domain Name System [DNS] Protocols, this document specifies approach
   that shall be employed at HTTP protocol [RFC 2616].
   Methods/approaches pertaining to DNS shall be documented in [draft-
   pchowdaiah-dns-without-explicit-query.txt].


Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html


Copyright and License Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors. All rights reserved.
 


P.Chowdaiah            Expires September 23, 2018               [Page 1]

INTERNET DRAFT    Pre-fetch Domain Names at HTTP Proxy    March 22, 2018


   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.



Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
     1.1.  Terminology  . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Functionality Overview . . . . . . . . . . . . . . . . . . . .  3
   3. Detailed Specification  . . . . . . . . . . . . . . . . . . . .  5
     3.1. HTTP Header Fields  . . . . . . . . . . . . . . . . . . . .  6
     3.2. HTTP Request Header Fields  . . . . . . . . . . . . . . . .  6
       3.2.1. Dns-prefetch-over-http  . . . . . . . . . . . . . . . .  7
   4.  Security Considerations  . . . . . . . . . . . . . . . . . . .  7
   5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  7
     5.1. Dns-prefetch-over-http  . . . . . . . . . . . . . . . . . .  7
   6.  Implementation Source Code . . . . . . . . . . . . . . . . . .  8
   7.  References . . . . . . . . . . . . . . . . . . . . . . . . . .  8
     7.1.  Normative References . . . . . . . . . . . . . . . . . . .  8
     7.2.  Informative References . . . . . . . . . . . . . . . . . .  8
     7.3.  Notice . . . . . . . . . . . . . . . . . . . . . . . . . .  9
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . .  9


















 


P.Chowdaiah            Expires September 23, 2018               [Page 2]

INTERNET DRAFT    Pre-fetch Domain Names at HTTP Proxy    March 22, 2018


1.  Introduction

   HTTP proxy servers have information that can be utilized to augment
   the resolution times of Domain names which could increase the speed
   of loading web pages on account of domain name resolution being pre
   resolved by the proxy servers and responses being sent before
   explicit requests from domain name clients. This document specifies a
   method to send DNS responses by pre-negotiating a time bound
   transport layer [TCP and UDP] connection and sending responses on
   this connection when HTTP Proxy server parses HTTP responses received
   for an earlier HTTP request. 

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

2.  Functionality Overview

   [Figure 1] shows high-level generic behavior in HTTP proxies, which
   is summarized here: A web Browser Client sends HTTP Protocol
   requests, (transport layer connections are not covered here), the
   request is received at Proxy, proxy interprets and parses requests
   into its internal data structures, forwards request to the
   destination server, on receiving responses from server, proxy updates
   internal data structures, might cache responses and forwards response
   back to Browser client.




















 


P.Chowdaiah            Expires September 23, 2018               [Page 3]

INTERNET DRAFT    Pre-fetch Domain Names at HTTP Proxy    March 22, 2018


    Client          HTTPProxy        DNSServer            HTTPServer      
    ---+---         ----+----        ---+-----            ----+-----
       |     ...        |               |                     |
       |                |               |                     |
       |--HTTPReq------>|               |                     |
       |                |[InternalData  |                     |
       |                | creation]     |                     | 
       |                |               |                     |
       |                |--Forward Request------------------->|
       |                |               |                     |
       |                |<--------------------------Response--|
       |                |[updateInternal|                     |
       |                |data]          |                     | 
       |                |               |                     |
       |<------FwdResp--|               |                     |
       |                |               |                     |
       |--DNSQuery (if any)------------>|                     | 
       |<------------------DNSResponse--|                     |
       |                |               |                     |
       |--HTTPReq------>|               |                     |
       |     ...        |               |                     |
       |                |               |                     |

                             [Figure 1]

   [Figure 2] shows overview of proposed approach: A web browser client
   sends HTTP Protocol requests, request is received at proxy, proxy
   parses the requests and does bookkeeping into its internal data
   structures, forwards request to destination server, on receiving
   responses from server, proxy parses responses and updates internal
   data structures and looks for domain name [RFC 1034] queries inside
   the responses and forwards it to proxy DNS resolver co-located with
   HTTP proxy implementations, then forwards the received HTTP responses
   to browsing client. On receiving the DNS query responses, DNS module
   co-located in the HTTP proxy module constructs agreed implementation
   specific responses towards the client on the transport layer
   connection known as 'DNS Pre-fetch Connection' henceforth with pre-
   negotiated port and protocol specified in the HTTP requests received
   from the browser client which could be configured or dynamically
   generated. The browser client then constructs the HTTP requests as
   per received DNS resolution and proceeds with its activities, thereby
   avoiding explicit DNS requests. Detailed procedure is documented in
   section "Detailed Specification"





 


P.Chowdaiah            Expires September 23, 2018               [Page 4]

INTERNET DRAFT    Pre-fetch Domain Names at HTTP Proxy    March 22, 2018


    Client          HTTPProxy        DNSServer            HTTPServer      
    ---+---         ----+----        ---+-----            ----+-----
       |     ...        |               |                     |
       |                |               |                     |
       |    HTTPReq     |               |                     |
       |--WithHeaders-->|               |                     |
       |                |               |                     |
       |                |[InternalData  |                     |
       |                |creation,setup |                     | 
       |                |DNS Pre-fetch  |                     |
       |                |connection etc]|                     |
       |                |               |                     |
       |                |--Forward Request------------------->|
       |                |               |                     |
       |                |<--------------------------Response--|
       |                |               |                     |
       |                |[updateInternal|                     |
       |                |data, parse for|                     | 
       |                |DomainName     |                     |
       |                |send DNSQuery] |                     |
       |                |               |                     |
       |<------FwdResp--|--DNSQuery---->|                     |
       |                |<-DNSResponse--|                     |
       |                |               |                     | 
       |  SendDNSResp   |               |                     |
       |  onDNSPrefetch |               |                     |
       |<--Connection-- |               |                     |
       |                |               |                     |
       |--HTTPReq------>|               |                     |
       |     ...        |               |                     |
       |                |               |                     |

                              [Figure 2]


3. Detailed Specification

   Today most of the HTTP proxy designs either transparent or non-
   transparent probably are proprietary implementations that are based
   on the knowledge gained through experience and deployments. The
   approach presented here is also an outcome of this knowledge. Some of
   the HTTP proxy implementations have full knowledge of the HTTP
   request and responses as they snoop into the messages that are
   exchanged between the client and server. This document's approach is
   to use this information available at the proxies to augment the
   domain name resolution times by pre-requesting the DNS queries for
   domain names in the HTTP responses being exchanged, the proxy might
   cache responses if domain names are found to spill over-to next
 


P.Chowdaiah            Expires September 23, 2018               [Page 5]

INTERNET DRAFT    Pre-fetch Domain Names at HTTP Proxy    March 22, 2018


   response packets. If the responses are encrypted then pre-requesting
   domain names shall be ignored and the responses are just forwarded.
   Here are the detailed steps that are involved:

   a. This functionality shall be controlled at the client side with
   configuration options which needs to be set to have this
   functionality communicated to the proxies through HTTP message header
   field. This new HTTP message header field are detailed in section
   [3.2]. New message headers contain magic security cookie, transport
   and network layer information on protocol, port, Internet protocol
   address, timeout for connection keep-alive  that client would listen
   on. The client would setup transport connections ('DNS Pre-fetch
   Connection') that it shall be listening on with parameters that it
   shall advertise. Network Address Translation (NAT)-Application Layer
   gateways (ALG) implementations shall need to be updated for the new
   functionality.

   b. Received HTTP request at the proxy is parsed, internal bookkeeping
   carried out, an optional implementation ACK can be sent back on the
   connection that client has advertised in item [a]. Received request
   is forwarded to destination server sans the header specific to this
   documented functionality. If destination server receives a request
   having the new HTTP message headers, it needs to do a no-operation on
   it as per [RFC 2616].

   c. On receiving HTTP response from the server, session identified by
   comparing the book kept data structures. Domain names are retrieved
   from the parsed responses, limited responses are cached if domain
   names span across multiple packets, domain names resolution is
   triggered to co-located DNS server. The HTTP responses is forwarded
   to the client.

   d. Domain query responses received from co-located DNS server is
   forwarded on the connection to the client. Agreement on format of the
   message that is exchanged would be implementation specific.
   Implementations shall define formats of message types and information
   that it needs to be exchanged over DNS-prefetch-connection.
   Approaches shall include either limited exchanging of specific
   information from query response or approaches described in [draft-
   pchowdaiah-dns-without-explicit-query.txt]

   e. Client with response received on the connection setup for this
   functionality shall use the domain name resolution information and
   send out new HTTP requests.

3.1. HTTP Header Fields

3.2. HTTP Request Header Fields
 


P.Chowdaiah            Expires September 23, 2018               [Page 6]

INTERNET DRAFT    Pre-fetch Domain Names at HTTP Proxy    March 22, 2018


3.2.1. Dns-prefetch-over-http

   The Dns-prefetch-over-http request header field communicates
   connection parameters.

   Dns-prefetch-over-http  = "Dns-prefetch-over-http" ":"
                             1#( prefetch-params )

   prefetch-params = "magic-cookie" ";" "hostIpAddress" ";" "protocol"
                     ";" "port" ";"  "connection timeout"
                     ";"  "response timeout"

   where:

     magic-cookie       : dynamically generated session security 
                          authenticator
     hostIpAddress      : Internet protocol address of client
     protocol           : transport layer protocol TCP and UDP
     port               : the port socket listening on
     connection timeout : keep-alive timeout in seconds
     response timeout   : time client waits for pre-fetch DNS responses
                          before initiating standard DNS query

   Example of its usage:

    Dns-prefetch-over-http : MAGICCOOKIE;192.168.1.1;UDP;25001:60;500\r\n


4.  Security Considerations

   Any cookie related authentication mechanisms employed shall create
   security pitfalls. This proposed method shall not have any unknown
   security issues other than issues similarly identified for the HTTP
   standard cookie related HTTP header field though both are unrelated.

5.  IANA Considerations

   This specification being experimental shall not request any updates
   to any standard or registry. However upon review if this
   specification acquires standard status, this specification proposes
   and requests the following HTTP fields to be included in HTTP message
   header field registry [see RFC3864]:

5.1. Dns-prefetch-over-http

          Header field name: Dns-prefetch-over-http

          Applicable protocol: http
 


P.Chowdaiah            Expires September 23, 2018               [Page 7]

INTERNET DRAFT    Pre-fetch Domain Names at HTTP Proxy    March 22, 2018


          Status: provisional

          Author/Change controller: this specification

          Specification document: this specification (Section 3.2.1)

6.  Implementation Source Code

   Proof-of-concept source code shall be available on github at this web
   link <TODO: add link after resolving open source, copyright license
   issues>

7.  References

7.1.  Normative References

      [RFC0793]     Postel, J., "Transmission Control Protocol", STD 7,
                    RFC 793, September 1981.

      [RFC3986]     Berners-Lee, T., Fielding, R., and L. Masinter,
                    "Uniform Resource Identifier (URI): Generic Syntax",
                    STD 66, RFC 3986, January 2005.


      [RFC7231]     Fielding, R., Ed. and J. Reschke, Ed., "Hypertext
                    Transfer Protocol (HTTP/1.1): Semantics and Content",
                    RFC 7231, June 2014.

      [RFC7234]     Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
                    Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
                    RFC 7234, June 2014.


      [RFC7235]     Fielding, R., Ed. and J. Reschke, Ed., "Hypertext
                    Transfer Protocol (HTTP/1.1): Authentication",
                    RFC 7235, June 2014.


7.2.  Informative References

      [RFC1919]     Chatel, M., "Classical versus Transparent IP Proxies",
                    RFC 1919, March 1996.

      [RFC1945]     Berners-Lee, T., Fielding, R., and H. Nielsen,
                    "Hypertext Transfer Protocol -- HTTP/1.0", RFC 1945,
                    May 1996.

      [RFC2068]     Fielding, R., Gettys, J., Mogul, J., Nielsen, H., and
 


P.Chowdaiah            Expires September 23, 2018               [Page 8]

INTERNET DRAFT    Pre-fetch Domain Names at HTTP Proxy    March 22, 2018


                    T. Berners-Lee, "Hypertext Transfer Protocol --
                    HTTP/1.1", RFC 2068, January 1997.

      [RFC2145]     Mogul, J., Fielding, R., Gettys, J., and H. Nielsen,
                    "Use and Interpretation of HTTP Version Numbers",
                    RFC 2145, May 1997.

      [RFC2616]     Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
                    Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
                    Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.


7.3.  Notice

   Please forward any comments and feedback to parikpub@gmail.com

Authors' Addresses

   Parikshith Chowdaiah
   ariksh software technologies
   1578/A, BSK II Stage
   Bangalore 560070
   India

   Email: parikpub@gmail.com


























P.Chowdaiah            Expires September 23, 2018               [Page 9]