The End-To-End Internet (was Re: Blocking MX query)

Mark Andrews marka at isc.org
Fri Sep 7 06:01:10 UTC 2012


In message <108454.1346989445 at turing-police.cc.vt.edu>, valdis.kletnieks at vt.edu writes:
> On Fri, 07 Sep 2012 08:30:12 +1000, Mark Andrews said:
> > In message <85250.1346959671 at turing-police.cc.vt.edu>, valdis.kletnieks at vt.edu writes:
> > > My PS3 may want to talk to the world, but I have no control over Comcast's DNS.
> >
> > What point are you trying to make?  Comcast's servers support SRV as do all
> > general purpose name servers.  For HTTP at least you need to be backwards
> > compatible so there is no reason not to add SRV support.
> 
> Sure, Comcast's servers will happily support an SRV entry for my PS3.
> 
> However, Comcast's business processes don't support a way for me to request
> said SRV record be listed.  Heck, I don't even get a static IP with my current service
> package. ;)

There are plenty of companies that will serve whatever you want them to
serve.
 
> Now *I* have the technical chops to talk to the guys at dyndns.org or other
> providers and get an SRV entry created under some domain name pointing back at
> my IP address.  However, Joe Sixpack doesn't really have that option.  And
> unless you figure out a scalable and universal way for Joe Sixpack's Xbox or PS3 or
> whatever to request an SRV entry saying that the PS3 wants to do service
> "foobar" on port 34823, you can't use SRV like that.

There is NOTHING stopping Sony adding code to the PS3 to perform
dynamic updates to add the records.  We have a well established
protocol to do this securely.  Hundreds of millions of records get
updated daily using this protocol in the corporate environment.
This is NOTHING Joe Sixpack can't do with a smidgen of help on
behalf of product vendors.  Home router vendors already have
code to do this.

	domain name for the PS
	account name
	password

Account name and password form the TSIG information to secure the
dynamic update.

> A better proposal would probably be having the NAT itself run a 'portmap' type service
> on a well known port like 111.  Except that still doesn't do a very good job of
> disambiguating two instances of "foobar" behind a NAT...
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
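The mechanism Mark points to above (RFC 2136 dynamic update, secured with a TSIG shared secret) can be shown end to end in a few dozen lines. The following is an added example, not code from the thread or from any vendor: it builds an UPDATE message that adds an SRV record for a made-up service, signs it with HMAC-SHA256 TSIG, and then verifies the signature the way a receiving name server would, including the fudge window and a tamper check. The zone, key name, owner name and secret are constructed placeholders; the parser assumes uncompressed names, which is what the builder emits. Only the Python standard library is used.

```python
"""Constructed example: TSIG-signed DNS UPDATE adding an SRV record (RFC 2136 / RFC 2845).
All names and the secret below are made up for illustration."""
import hashlib
import hmac
import struct
import time

ZONE = "example.net."                      # constructed zone
KEY_NAME = "ps3-key.example.net."          # constructed TSIG key name
SECRET = b"constructed-shared-secret-do-not-reuse"
ALGORITHM = "hmac-sha256."                 # TSIG algorithm name (RFC 4635)
TYPE_SOA, TYPE_SRV, TYPE_TSIG, CLASS_IN, CLASS_ANY = 6, 33, 250, 1, 255


def encode_name(name):
    """Uncompressed wire-format name, lower-cased (TSIG canonical form)."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def read_name(buf, off):
    """Inverse of encode_name; no compression pointers expected here."""
    labels = []
    while buf[off]:
        n = buf[off]
        labels.append(buf[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels) + ".", off + 1


def rr(name, rtype, rclass, ttl, rdata):
    return encode_name(name) + struct.pack("!HHIH", rtype, rclass, ttl, len(rdata)) + rdata


def srv_rdata(priority, weight, port, target):
    return struct.pack("!HHH", priority, weight, port) + encode_name(target)


def build_update(msg_id, zone, owner, ttl, rdata):
    """Header: opcode 5 (UPDATE), ZOCOUNT=1, PRCOUNT=0, UPCOUNT=1, ADCOUNT=0."""
    header = struct.pack("!HHHHHH", msg_id, 5 << 11, 1, 0, 1, 0)
    zone_section = encode_name(zone) + struct.pack("!HH", TYPE_SOA, CLASS_IN)
    return header + zone_section + rr(owner, TYPE_SRV, CLASS_IN, ttl, rdata)


def _time48(t):
    return struct.pack("!HI", t >> 32, t & 0xFFFFFFFF)


def tsig_mac(message, key_name, secret, time_signed, fudge, error=0, other=b""):
    """RFC 2845 s3.4: HMAC over the unsigned message followed by the TSIG variables."""
    variables = (encode_name(key_name) + struct.pack("!HI", CLASS_ANY, 0)
                 + encode_name(ALGORITHM) + _time48(time_signed)
                 + struct.pack("!HHH", fudge, error, len(other)) + other)
    return hmac.new(secret, message + variables, hashlib.sha256).digest()


def sign_update(message, key_name, secret, time_signed, fudge=300):
    """Append the TSIG RR to the additional section and bump ARCOUNT."""
    mac = tsig_mac(message, key_name, secret, time_signed, fudge)
    msg_id, arcount = struct.unpack("!H", message[:2])[0], struct.unpack("!H", message[10:12])[0]
    rdata = (encode_name(ALGORITHM) + _time48(time_signed) + struct.pack("!HH", fudge, len(mac))
             + mac + struct.pack("!HHH", msg_id, 0, 0))
    signed = message[:10] + struct.pack("!H", arcount + 1) + message[12:]
    return signed + rr(key_name, TYPE_TSIG, CLASS_ANY, 0, rdata)


def verify_tsig(signed, secret, now):
    """Server-side check: locate the trailing TSIG RR, recompute the MAC, enforce fudge."""
    msg_id, _, qd, an, ns, ar = struct.unpack("!HHHHHH", signed[:12])
    off = 12
    for _ in range(qd):
        off = read_name(signed, off)[1] + 4
    for _ in range(an + ns + ar - 1):
        off = read_name(signed, off)[1]
        off += 10 + struct.unpack("!H", signed[off + 8:off + 10])[0]
    tsig_start = off
    key_name, off = read_name(signed, off)
    rtype = struct.unpack("!H", signed[off:off + 2])[0]
    off += 10
    alg, off = read_name(signed, off)
    hi, lo = struct.unpack("!HI", signed[off:off + 6])
    fudge, mac_size = struct.unpack("!HH", signed[off + 6:off + 10])
    off += 10
    mac, off = signed[off:off + mac_size], off + mac_size
    orig_id, error, other_len = struct.unpack("!HHH", signed[off:off + 6])
    other = signed[off + 6:off + 6 + other_len]
    time_signed = (hi << 32) | lo
    if rtype != TYPE_TSIG or alg != ALGORITHM or orig_id != msg_id or abs(now - time_signed) > fudge:
        return False
    # The MAC covers the message as it looked before the TSIG RR was added (ARCOUNT - 1).
    unsigned = signed[:10] + struct.pack("!H", ar - 1) + signed[12:tsig_start]
    expected = tsig_mac(unsigned, key_name, secret, time_signed, fudge, error, other)
    return hmac.compare_digest(mac, expected)


def demo(now=None):
    """Sign an update and run verification with the right key, a wrong key, and a tampered port."""
    now = int(time.time()) if now is None else now
    update = build_update(0x1234, ZONE, "_foobar._tcp.ps3.example.net.", 60,
                          srv_rdata(0, 0, 34823, "ps3.example.net."))
    signed = sign_update(update, KEY_NAME, SECRET, now)
    tampered = signed.replace(struct.pack("!H", 34823), struct.pack("!H", 34824), 1)
    return (verify_tsig(signed, SECRET, now + 10),
            verify_tsig(signed, b"wrong-secret", now),
            verify_tsig(tampered, SECRET, now),
            verify_tsig(signed, SECRET, now + 1000))


if __name__ == "__main__":
    print(demo())  # (True, False, False, False)
```

The fourth result shows the fudge window doing its job: the same valid signature is rejected once the verifier's clock is more than 300 seconds from the signed time, which is what limits replay of a captured update. On a real server the key name also selects which zone and which record names the key may update, so a leaked PS3 key cannot rewrite anything beyond its own owner names.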