Great Suggestion for the DNS problem...?

Colin Alston karnaugh at
Tue Jul 29 13:56:19 UTC 2008

Tony Finch wrote:
> On Mon, 28 Jul 2008, Colin Alston wrote:
>> In fact, why *don't* implementations discard authoritative responses
>> from non-authoritative hosts? Or do we? Or am I horribly wrong?
> The response is spoofed so that it appears to come from the correct host.
>> There's an argument that IP spoofing can easily derail this, but I'd shift
>> that argument higher up the OSI, blame TCP, and move on to recommending SYN
>> cookies.
> DNS uses UDP.

Ahh yes of course..

Why does it use UDP? :P

More information about the NANOG mailing list