Re: [Asrg] DNS over SCTP

Alessandro Vesely <vesely@tana.it> Fri, 29 May 2009 10:27 UTC

To: David Conrad <drc@virtualized.org>
Cc: Anti-Spam Research Group - IRTF <asrg@irtf.org>, ietf@ietf.org

David Conrad wrote:
> However, pragmatically speaking, I suspect it is going to be much, much 
> easier to get DNSSEC deployed than it would be to get every 
> router/firewall/NAT manufacturer and network operator to support/deploy 
> SCTP, not to mention getting every DNSSEC server to support DNS over SCTP.

Shouldn't be difficult. I'm not much into either technology, but since 
SCTP can be tunneled through UDP, it should be possible to retrofit 
SCTP adoption onto an existing DNS implementation. On an OS that 
provides SCTP natively, a module inserted between the DNS daemon and 
its UDP sockets may operate the UDP/SCTP conversion when the remote 
hosts support it. Then, it would just discard spurious incoming UDP 
packets, and manage keep-alive settings for SCTP connections. It can 
work on a separate host or firewall, without even recompiling the DNS 
daemon.
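
The filtering decision such a module would make, as an added example that is not part of the original message and not code from any DNS implementation. The `Shim` class, the `sctp_peers` table (how a peer's SCTP support is learned is not stated in the message) and the matching of UDP replies from non-SCTP peers against outstanding queries are assumptions that go beyond what the message describes; all sample messages are constructed.

```python
import struct

def build(txid, flags, name, qtype=1):
    """Construct a minimal one-question DNS message (sample-data helper)."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def question(msg):
    """Return the raw first question (QNAME, QTYPE, QCLASS), or None if malformed."""
    if len(msg) < 12 or struct.unpack("!H", msg[4:6])[0] != 1:
        return None
    i = 12
    while i < len(msg) and msg[i] != 0:
        if msg[i] & 0xC0:            # no compression pointers expected in a question
            return None
        i += 1 + msg[i]
    return msg[12:i + 5] if i + 5 <= len(msg) else None

class Shim:
    """Hypothetical decision logic of the module; it opens no sockets."""
    def __init__(self):
        self.sctp_peers = set()      # assumption: filled by some capability probe
        self.pending = {}            # (ip, port, txid) -> question sent over UDP

    def outbound(self, ip, port, query):
        """Pick the transport for a query the daemon wrote to its UDP socket."""
        if ip in self.sctp_peers:
            return "sctp"
        self.pending[(ip, port, struct.unpack("!H", query[:2])[0])] = question(query)
        return "udp"

    def inbound_udp(self, ip, port, datagram):
        """True if the datagram may be handed to the daemon, False to discard."""
        if ip in self.sctp_peers:    # peer is served over SCTP: UDP from it is spurious
            return False
        if len(datagram) < 12:
            return False
        txid, flags = struct.unpack("!HH", datagram[:4])
        key = (ip, port, txid)
        q = question(datagram)
        if not flags & 0x8000 or q is None or self.pending.get(key) != q:
            return False
        del self.pending[key]        # one answer per query; replays are dropped
        return True
```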