[dns-operations] can UDP really be used for anything in "today's Internet?"

Roland Dobbins rdobbins at cisco.com
Thu Mar 23 22:37:41 UTC 2006

On Mar 23, 2006, at 2:18 PM, Rick Jones wrote:

> With all this talk about spoofing source IPs on DNS queries, open
> relays, amplification and the lack of incentive for BCP38 and such I
> have to wonder - can UDP, with its lack of a "handshake" really be
> used/trusted for anything on "today's Internet?"
> And if so, what implications does that have for DNS?

It's necessary for applications where the session overhead of TCP and  
the like would be burdensome (like, say, DNS - ;>).  There are some  
newer protocols which are intended to address these issues, but the  
adoption curve is long, and they've yet to be proven in any large- 
scale deployments (chicken-and-egg).

Roland Dobbins <rdobbins at cisco.com> // 408.527.6376 voice

      Everything has been said.  But nobody listens.

                    -- Roger Shattuck

More information about the dns-operations mailing list