[dns-operations] Writeup of Spring Workshop

Doug Barton dougb at dougbarton.us
Tue May 12 17:11:35 UTC 2015


On 5/11/15 9:27 PM, Paul Vixie wrote:
>
>
> Doug Barton wrote:
>> On 5/11/15 4:42 PM, Ralf Weber wrote:
>>> So as said we agree that the Community should put more effort in
>>> getting the Linux people to do better UDP stack instead of switching
>>> DNS to TCP, which other people have been suggesting.
>>
>> Ralf,
>>
>> With respect, we all have to stop talking about DNS being TCP XOR UDP.
>> I'm not a proponent of switching DNS exclusively to TCP, but both
>> stacks play a role in performance; and TCP's role will only get bigger
>> as responses sizes grow due to IPv6, DNSSEC, etc.
>>
>> Doug
>
> doug, i still disagree. i know from friends that the DPRIV WG is working
> on a new port number, that won't be subject to TCP/53's problems, and i
> wish them well. meanwhile UDP/53 can work (and mostly does) whereas
> TCP/53 can be trivially DoS'd, and must never be depended upon. we can
> revisit that topic in detail if you wish. --paul

DNS on a new port with a revised protocol is an interesting chimera to 
chase, but even if the perfect protocol was agreed to tomorrow we would 
still have at least a 20 year time frame of operating the "legacy" DNS 
in parallel. So while new, shiny solutions are awesome to talk about, 
we're not done fixing the thing we have yet. :)

Doug

-- 
I am conducting an experiment in the efficacy of PGP/MIME signatures. 
This message should be signed. If it is not, or the signature does not 
validate, please let me know how you received this message (direct, or 
to a list) and the mail software you use. Thanks!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20150512/b2745a90/attachment.sig>


More information about the dns-operations mailing list