Great Suggestion for the DNS problem...?
karnaugh at karnaugh.za.net
Tue Jul 29 13:56:19 UTC 2008
Tony Finch wrote:
> On Mon, 28 Jul 2008, Colin Alston wrote:
>> In fact, why *don't* implementations discard authoritative responses
>> from non-authoritative hosts? Or do we? Or am I horribly wrong?
> The response is spoofed so that it appears to come from the correct host.
>> There's an argument that IP spoofing can easily derail this, but I'd shift
>> that argument higher up the OSI, blame TCP, and move on to recommending SYN
> DNS uses UDP.
Ahh yes of course..
Why does it use UDP? :P
More information about the NANOG