nanog mailing list archives
Re: Great Suggestion for the DNS problem...?
From: Colin Alston <karnaugh () karnaugh za net>
Date: Tue, 29 Jul 2008 15:56:19 +0200
Tony Finch wrote:
On Mon, 28 Jul 2008, Colin Alston wrote:In fact, why *don't* implementations discard authoritative responses from non-authoritative hosts? Or do we? Or am I horribly wrong?The response is spoofed so that it appears to come from the correct host.There's an argument that IP spoofing can easily derail this, but I'd shift that argument higher up the OSI, blame TCP, and move on to recommending SYN cookies.DNS uses UDP.
Ahh yes of course.. Why does it use UDP? :P
Current thread:
- Great Suggestion for the DNS problem...? Jay R. Ashworth (Jul 28)
- Re: Great Suggestion for the DNS problem...? Colin Alston (Jul 28)
- RE: Great Suggestion for the DNS problem...? Tomas L. Byrnes (Jul 28)
- Re: Great Suggestion for the DNS problem...? Jay R. Ashworth (Jul 28)
- Re: Great Suggestion for the DNS problem...? Colin Alston (Jul 28)
- Re: Great Suggestion for the DNS problem...? Tony Finch (Jul 29)
- Re: Great Suggestion for the DNS problem...? Colin Alston (Jul 29)
- Re: Great Suggestion for the DNS problem...? Laurence F. Sheldon, Jr. (Jul 29)
- Re: Great Suggestion for the DNS problem...? Steven M. Bellovin (Jul 29)
- Re: Great Suggestion for the DNS problem...? Mohacsi Janos (Jul 29)
- Re: Great Suggestion for the DNS problem...? Mikael Abrahamsson (Jul 29)
- Re: Great Suggestion for the DNS problem...? Laird Popkin (Jul 29)
- RE: Great Suggestion for the DNS problem...? Tomas L. Byrnes (Jul 28)
- Re: Great Suggestion for the DNS problem...? Colin Alston (Jul 28)
- Re: Great Suggestion for the DNS problem...? Michael Smith (Jul 28)
- Re: Great Suggestion for the DNS problem...? Matt F (Jul 28)