On 5/11/15 9:27 PM, Paul Vixie wrote:
> Doug Barton wrote:
>> On 5/11/15 4:42 PM, Ralf Weber wrote:
>>> So as said we agree that the Community should put more effort in getting the Linux people to do better UDP stack instead of switching DNS to TCP, which other people have been suggesting.
>>
>> Ralf,
>>
>> With respect, we all have to stop talking about DNS being TCP XOR UDP. I'm not a proponent of switching DNS exclusively to TCP, but both stacks play a role in performance; and TCP's role will only get bigger as response sizes grow due to IPv6, DNSSEC, etc.
>>
>> Doug
>
> doug, i still disagree. i know from friends that the DPRIV WG is working on a new port number, that won't be subject to TCP/53's problems, and i wish them well. meanwhile UDP/53 can work (and mostly does) whereas TCP/53 can be trivially DoS'd, and must never be depended upon. we can revisit that topic in detail if you wish.
>
> --paul

DNS on a new port with a revised protocol is an interesting chimera to chase, but even if the perfect protocol was agreed to tomorrow we would still have at least a 20 year time frame of operating the "legacy" DNS in parallel. So while new, shiny solutions are awesome to talk about, we're not done fixing the thing we have yet. :)

Doug

--
I am conducting an experiment in the efficacy of PGP/MIME signatures. This message should be signed. If it is not, or the signature does not validate, please let me know how you received this message (direct, or to a list) and the mail software you use. Thanks!
