> > [S4.1, comment]
> >
> > * "Resolvers and other DNS clients should be aware that some servers
> > might not be reachable over TCP. For this reason, clients MAY want
> > to track and limit the number of TCP connections and connection
> > attempts to a single server."
> >
> > I think the same comment could be made about paths to a server from
> > a given network, e.g., in the case of one network filtering TCP/53 for
> > some reason.
> >
> > I'm not sure how to best reword this to add a per-network notion to
> > TCP connection success tracking, but I did want to note that a mobile
> > client's measure of TCP connection success to a single server might
> > vary from network to network. (for your consideration)
>
> Is this because mobile devices are more likely to have multiple network
> choices (say wifi and cellular data) and so the device should include the
> local network when remembering which works and which doesn’t?

Yes, they have multiple networks simultaneously and also through time.
What's reachable/unreachable on one network might not be
reachable/unreachable on another. Just moving from one Wi-Fi SSID to
another can make a difference, e.g.:

* imagine two SSIDs that each hand out 8.8.8.8 but have different
  TCP 53 filtering policies, and
* (more concretely) I have DNS-over-TLS active on my phone and on
  one nearby coffee shop SSID TCP 853 is blocked while on another
  everything works just fine

(Hopefully I'm making some kind of sense.)
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
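
The per-network tracking discussed in this thread, as an added example that is not part of the original messages or of the draft under review: connection results are keyed by (network, server, port) rather than by server alone, so a filtered port on one SSID does not suppress attempts on another. The class name, the network identifier strings, and the failure threshold and backoff values are assumptions chosen for illustration.

```python
import time
from dataclasses import dataclass


@dataclass
class _State:
    failures: int = 0         # consecutive failed connection attempts
    retry_after: float = 0.0  # clock value before which attempts are skipped


class PerNetworkTcpTracker:
    """Tracks TCP/TLS connection success per (network, server, port)."""

    def __init__(self, max_failures=3, base_backoff=30.0, max_backoff=3600.0,
                 clock=time.monotonic):
        self.max_failures = max_failures  # hypothetical threshold
        self.base_backoff = base_backoff  # seconds, hypothetical
        self.max_backoff = max_backoff    # cap so a path is eventually re-probed
        self._clock = clock
        self._state = {}

    def should_attempt(self, network_id, server, port):
        st = self._state.get((network_id, server, port))
        return st is None or self._clock() >= st.retry_after

    def record(self, network_id, server, port, ok):
        key = (network_id, server, port)
        if ok:
            self._state.pop(key, None)  # any success clears the failure history
            return
        st = self._state.setdefault(key, _State())
        st.failures += 1
        if st.failures >= self.max_failures:
            # Exponential backoff once the threshold is reached, capped.
            exp = st.failures - self.max_failures
            delay = min(self.base_backoff * 2 ** exp, self.max_backoff)
            st.retry_after = self._clock() + delay


def demo():
    """Constructed scenario: same resolver, two SSIDs, one filters TCP 853."""
    now = [0.0]
    t = PerNetworkTcpTracker(clock=lambda: now[0])
    for _ in range(3):
        t.record("ssid:coffee-a", "8.8.8.8", 853, ok=False)
    t.record("ssid:coffee-b", "8.8.8.8", 853, ok=True)
    blocked = t.should_attempt("ssid:coffee-a", "8.8.8.8", 853)
    other = t.should_attempt("ssid:coffee-b", "8.8.8.8", 853)
    now[0] = 31.0  # backoff on the filtered network has expired
    retry = t.should_attempt("ssid:coffee-a", "8.8.8.8", 853)
    return blocked, other, retry
```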