[dns-operations] Writeup of Spring Workshop

Paul Vixie paul at redbarn.org
Tue May 12 17:29:01 UTC 2015



Doug Barton wrote:
> On 5/11/15 9:27 PM, Paul Vixie wrote:
>>
>> doug, i still disagree. i know from friends that the DPRIV WG is working
>> on a new port number, that won't be subject to TCP/53's problems, and i
>> wish them well. meanwhile UDP/53 can work (and mostly does) whereas
>> TCP/53 can be trivially DoS'd, and must never be depended upon. we can
>> revisit that topic in detail if you wish. --paul
>
> DNS on a new port with a revised protocol is an interesting chimera to
> chase, but even if the perfect protocol was agreed to tomorrow we
> would still have at least a 20 year time frame of operating the
> "legacy" DNS in parallel. So while new, shiny solutions are awesome to
> talk about, we're not done fixing the thing we have yet. :)

can you rank the following in terms of (a) level of difficulty and MTTR,
and (b) your willingness to help?

(1) make EDNS0 work near-universally
(2) use a new port number
(3) fix TCP/53

i've listed them in my own ease-of-getting-there.

my proposal is a tcp proxy which tunnels dns over http (in binary form,
no xml or json). to be released shortly.

-- 
Paul Vixie
