[116486] in North American Network Operators' Group

Re: DNS hardening, was Re: Dan Kaminsky

daemon@ATHENA.MIT.EDU (Douglas Otis)
Wed Aug 5 17:01:51 2009

Date: Wed, 05 Aug 2009 14:00:59 -0700
From: Douglas Otis <dotis@mail-abuse.org>
To: Skywing <Skywing@valhallalegends.com>
In-Reply-To: <982D8D05B6407A49AD506E6C3AC8E7D60173636AFB4A@caralain.haven.nynaeve.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 8/5/09 11:38 AM, Skywing wrote:
> That is, of course, assuming that SCTP implementations someday clean up their act a bit.  I'm not so sure I'd suggest that they're really ready for "prime time" at this point.

SCTP DNS would be intended for ISPs validating DNS where there would be 
fewer issues regarding SOHO routers.  It seems likely DNS will require 
some kernel adjustments to support persistent SCTP.  SCTP has been 
providing critical SS7 and H.248.1 services for many years now, where 
TCP would not be suitable.  FreeBSD 7 represents a solid SCTP reference 
implementation.

SCTP has far fewer issues going to homes connected via IPv6.

-Doug



