[dns-operations] can UDP really be used for anything in "today's Internet?"

Florian Weimer fw at deneb.enyo.de
Fri Mar 24 22:39:28 UTC 2006


* Rick Jones:

> With all this talk about spoofing source IPs on DNS queries, open 
> relays, amplification and the lack of incentive for BCP38 and such I 
> have to wonder - can UDP, with its lack of a "handshake" really be 
> used/trusted for anything on "today's Internet?"

You can implement some kind of handshake on top of UDP.  UDP is not
bad per se.  But using it correctly needs a lot of work (congestion
control, validation of source addresses using cookies, a better
checksum, and so on).
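
The source-address validation with cookies mentioned in the message above, sketched as an added example that is not part of the original post: the server hands out a stateless HMAC cookie bound to the sender's address and only sends a large answer once the cookie is echoed back. The wire format (`HELLO`/`REQ`/`CKE`/`ANS`), `WINDOW` and `COOKIE_LEN` are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

WINDOW = 30       # seconds per time bucket (assumed value)
COOKIE_LEN = 16   # truncated HMAC-SHA256 tag length in bytes (assumed value)

def make_cookie(secret: bytes, addr: tuple, now: float, bucket_offset: int = 0) -> bytes:
    """Cookie = HMAC(secret, source ip | source port | time bucket); no per-client state."""
    ip, port = addr
    bucket = int(now) // WINDOW - bucket_offset
    msg = ip.encode() + b"|" + struct.pack("!HQ", port, bucket)
    return hmac.new(secret, msg, hashlib.sha256).digest()[:COOKIE_LEN]

def verify_cookie(secret: bytes, addr: tuple, cookie: bytes, now: float) -> bool:
    """Accept the current or previous bucket so a cookie survives a window rollover."""
    return any(hmac.compare_digest(cookie, make_cookie(secret, addr, now, off))
               for off in (0, 1))

def handle_datagram(secret: bytes, addr: tuple, payload: bytes, now: float) -> bytes:
    """Hypothetical format: padded b'HELLO' asks for a cookie; b'REQ' + cookie + query is a request."""
    if len(payload) < 3 + COOKIE_LEN:
        return b""  # drop: never send more bytes than an unvalidated source sent us
    if payload.startswith(b"REQ"):
        cookie, query = payload[3:3 + COOKIE_LEN], payload[3 + COOKIE_LEN:]
        if verify_cookie(secret, addr, cookie, now):
            return b"ANS" + query * 20  # large answer, only to a validated source
    # Unvalidated or stale: fixed-size cookie reply, no larger than the request
    return b"CKE" + make_cookie(secret, addr, now)

if __name__ == "__main__":
    secret = b"constructed-demo-secret"  # constructed sample; use os.urandom(32) in practice
    client, other = ("192.0.2.10", 40000), ("198.51.100.7", 53)  # constructed addresses
    t = 1_000_000.0
    hello = b"HELLO".ljust(3 + COOKIE_LEN, b"\0")
    cookie = handle_datagram(secret, client, hello, t)[3:]
    request = b"REQ" + cookie + b"example."
    print(len(handle_datagram(secret, client, request, t + 5)))  # full answer
    # The same cookie presented from a different source address is not accepted
    print(handle_datagram(secret, other, request, t + 5)[:3])
```

Because the cookie is recomputed from the secret on every packet, the server keeps no table of pending handshakes that a flood of spoofed datagrams could exhaust.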


