[168261] in North American Network Operators' Group
Re: "trivial" changes to DNS (was: OpenNTPProject.org)
daemon@ATHENA.MIT.EDU (Jared Mauch)
Thu Jan 16 12:55:37 2014
Date: Thu, 16 Jan 2014 12:55:18 -0500
From: Jared Mauch <jared@puck.Nether.net>
To: Andrew Sullivan <asullivan@dyn.com>
In-Reply-To: <20140116163945.GU22344@dyn.com>
Cc: nanog@nanog.org
On Thu, Jan 16, 2014 at 11:39:46AM -0500, Andrew Sullivan wrote:
> On Thu, Jan 16, 2014 at 11:32:05AM -0500, Christopher Morrow wrote:
>
> > pretty easy to believe that quic would be helpful right?
>
> Yes. It's also pretty easy to believe that ditching DNS completely in
> favour of something without 8 billion warts would be helpful.
>
> > seems totally feasible.
>
> Certainly, it would be possible to standardize it. Whether it would
> be "trivial" to get it deployed is quite a different matter. The
> evidence to date is that there is a very, very long tail in any change
> having to do with the DNS. We are still, to this day, fighting with
> sysadmins who are convinced that firewall rules on TCP/53 are
> perfectly reasonable, even though DNS _always_ used TCP.
I can point anyone interested to the place in the BIND source to force it to reply to all UDP queries with TC=1 to force TCP. Should be safe on any authority servers, as a recursive server should be able to do outbound TCP.
- Jared
--
Jared Mauch | pgp key available via finger from jared@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
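The mechanism Jared refers to is the DNS truncation bit: a UDP answer with TC=1 tells the client to repeat the same question over TCP/53, which is why a firewall rule dropping TCP/53 turns such answers into lookup failures. The script below is an added example, not code from this thread, BIND, or any poster; it encodes a minimal query, parses the reply header, decides whether a TCP retry is required, and shows the 2-byte length framing DNS uses on TCP. The sample replies are constructed inline so everything except `query_with_tcp_fallback()` runs offline; the server address, `example.com`, and the transaction id are assumed values.

```python
import socket
import struct

# Added example (not from the thread): the TC=1 fallback the message refers to.
# A UDP answer with the TC bit set tells the client to repeat the same
# question over TCP/53.  Sample messages are constructed inline so the
# functions can be exercised offline; query_with_tcp_fallback() is the only
# function that touches the network, and only when called explicitly.

FLAG_QR = 0x8000   # response
FLAG_TC = 0x0200   # truncated: client must retry over TCP
FLAG_RD = 0x0100   # recursion desired
FLAG_RA = 0x0080   # recursion available
TYPE_A, CLASS_IN = 1, 1


def build_query(qname: str, qtype: int = TYPE_A, txid: int = 0x1234) -> bytes:
    """Encode a minimal DNS query: header with RD set, one question, no EDNS."""
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in qname.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, CLASS_IN)


def parse_header(msg: bytes) -> dict:
    """Decode the 12-byte header; only the fields the fallback decision needs."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & FLAG_QR), "tc": bool(flags & FLAG_TC),
            "rcode": flags & 0x000F, "qdcount": qd, "ancount": an}


def needs_tcp_retry(query: bytes, udp_response: bytes) -> bool:
    """True when the UDP reply answers our query (matching ID, QR=1) and has TC=1."""
    h = parse_header(udp_response)
    return h["qr"] and h["tc"] and h["id"] == parse_header(query)["id"]


def frame_tcp(msg: bytes) -> bytes:
    """DNS over TCP prefixes each message with a 2-byte big-endian length (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg


def unframe_tcp(stream: bytes) -> bytes:
    """Strip the length prefix from one TCP-framed message, checking it is complete."""
    if len(stream) < 2:
        raise ValueError("missing TCP length prefix")
    (length,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + length:
        raise ValueError("short TCP DNS message")
    return stream[2:2 + length]


def _recv_exact(sock: socket.socket, n: int) -> bytes:
    """Read exactly n bytes from a TCP socket or raise if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("TCP/53 peer closed the connection early")
        buf += chunk
    return buf


def query_with_tcp_fallback(server: str, qname: str, timeout: float = 3.0):
    """Ask over UDP; if the answer is truncated, repeat the query over TCP.

    Returns (raw_response, transport).  If TCP/53 is filtered, the TCP step
    raises socket.timeout or ConnectionRefusedError: the failure a server that
    forces TC=1 exposes behind a UDP-only firewall rule.
    """
    q = build_query(qname)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp:
        udp.settimeout(timeout)
        udp.sendto(q, (server, 53))
        resp, _ = udp.recvfrom(4096)
    if not needs_tcp_retry(q, resp):
        return resp, "udp"
    with socket.create_connection((server, 53), timeout=timeout) as tcp:
        tcp.sendall(frame_tcp(q))
        (length,) = struct.unpack("!H", _recv_exact(tcp, 2))
        return _recv_exact(tcp, length), "tcp"


def constructed_reply_for(query: bytes, truncated: bool) -> bytes:
    """Constructed sample reply to `query` with no answer records, optionally TC=1."""
    flags = FLAG_QR | FLAG_RD | FLAG_RA | (FLAG_TC if truncated else 0)
    txid = parse_header(query)["id"]
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + query[12:]


if __name__ == "__main__":
    q = build_query("example.com")  # assumed name
    print("TC set   ->", needs_tcp_retry(q, constructed_reply_for(q, True)))   # True
    print("TC clear ->", needs_tcp_retry(q, constructed_reply_for(q, False)))  # False
```

Pointing `query_with_tcp_fallback()` at an authoritative server that answers UDP with TC=1 is a quick way to find out whether a path really permits TCP/53: a successful `"tcp"` result means the fallback works, while a timeout on the TCP step reproduces the breakage Andrew describes from sysadmins who filter that port.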