[tcpm] draft-sridharan-tcpm-ctcp-00 -- mail delivery problem

Alfred Hönes <ah@tr-sys.de> Fri, 02 November 2007 13:30 UTC

From: Alfred Hönes <ah@tr-sys.de>
Message-Id: <200710312014.VAA18697@TR-Sys.de>
To: tcpm@ietf.org
Date: Wed, 31 Oct 2007 21:14:53 +0100
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>

I wanted to submit a big bunch of editorial comments on the I-D,
in private communications to the authors of this draft, because
this kind of comment is deemed clutter on the mailing list
(which I'm not on regularly).

Unfortunately, some responsible persons within the affiliation of the
authors of this draft apparently have arranged to filter DNS traffic
to their public DNS servers by *source* port, effectively disabling
the possibility to perform MX record lookups from any recursive DNS
cache server behind a NAT/NAPT access router, where the source port
used on the public interface cannot be controlled.  This also makes
clients of the well-known public mail service hosted by that company
unreachable, and it makes the web and ftp servers of that company
invisible for this site and topologically similarly structured sites.

This problem has persisted for a couple of months, and did not exist
before.  The analysis performed shows that DNS requests sent to any
one of the five public DNS servers of that company always time out.
Support personnel of our ISP have verified that these DNS servers
do respond to DNS requests with source port 53, but don't respond
to DNS requests with other source ports that result from the port
mapping of the NAPT router.

It should be noted that within the last year or two, we already
had suffered from similar (mis)behavior of other sites, e.g.:
maintainers of significant Internet infrastructure and registries
for very large gTLDs, important players in network security, and
some large academic campus networks.  In all these cases, the same
symptoms had been observed, and after an explanation of the problem,
showing that sending DNS requests with *any* UDP source port is
perfectly legal (as per all relevant RFCs), the problem has been
resolved quickly.
(This problem also already has been submitted to the DNSOP WG in 2006.)

In this case however, any attempts so far to make the responsible
persons aware of the problem (using third-party-forwarded messages)
unfortunately have not even been responded to, within the last two

This note is another attempt to raise awareness of the problem and
restore full communications possibilities between IETF participants.

Thus, I kindly ask the authors of the draft to try to investigate
(or perhaps delegate) the problem appropriately.  Thank you in advance.

Best regards,
  Alfred Hönes.


| TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
| Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
| D-71254  Ditzingen     |  E-Mail:  ah@TR-Sys.de                     |

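The symptom described in the message (a DNS server that answers queries sent from UDP source port 53 but times out on queries from any other source port) can be reproduced with a two-probe check. The script below is an added example and is not part of the original message or of anything the author or the IETF list published; it builds a raw MX query in RFC 1035 wire format, sends one copy from source port 53 and one from an OS-chosen ephemeral port, and classifies the pair of results. The server address and domain name on the command line are whatever you are testing; binding to port 53 needs root or CAP_NET_BIND_SERVICE, and the probe only tells you something when run from a host whose source port is not rewritten by a NAPT router.

```python
"""Probe a DNS server for source-port filtering.

Added example, not code from the message above.  The query builder and
header parser follow RFC 1035; the network probe is only meaningful from
a host with a public address (no NAPT rewriting the source port).
"""
import random
import socket
import struct

QTYPE_MX = 15
QCLASS_IN = 1


def build_mx_query(name: str, txid: int) -> bytes:
    """Build a minimal DNS query message asking for MX records of `name`."""
    # flags 0x0100: standard query, recursion desired; one question, no RRs
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    question = qname + struct.pack("!HH", QTYPE_MX, QCLASS_IN)
    return header + question


def parse_header(data: bytes) -> dict:
    """Parse the fixed 12-byte DNS header into its fields."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    return {
        "id": txid,
        "qr": bool(flags & 0x8000),   # 1 = response
        "rcode": flags & 0x000F,      # 0 = NOERROR, 3 = NXDOMAIN, ...
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def probe(server: str, name: str, src_port: int, timeout: float = 3.0):
    """Send one MX query from `src_port` (0 = OS-chosen ephemeral port).

    Returns the parsed reply header, or None if the server did not answer
    within `timeout` seconds.  Binding to port 53 requires privileges.
    """
    txid = random.randrange(0, 65536)
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        sock.bind(("", src_port))
        sock.settimeout(timeout)
        sock.sendto(build_mx_query(name, txid), (server, 53))
        data, _ = sock.recvfrom(4096)
    except socket.timeout:
        return None
    finally:
        sock.close()
    hdr = parse_header(data)
    if hdr["id"] != txid or not hdr["qr"]:
        return None  # not a response to our query; treat as no answer
    return hdr


def diagnose(reply_from_53, reply_from_ephemeral) -> str:
    """Classify a pair of probe results (None = timed out)."""
    if reply_from_53 is not None and reply_from_ephemeral is None:
        # Exactly the symptom in the message: only source port 53 is let through.
        return "source-port-filtered"
    if reply_from_53 is None and reply_from_ephemeral is None:
        return "unreachable"
    if reply_from_53 is not None and reply_from_ephemeral is not None:
        return "ok"
    return "inconsistent"  # ephemeral answered but 53 did not; retry before concluding


def check_server(server: str, name: str) -> str:
    """Run the privileged-port probe and the ephemeral-port probe, then classify."""
    return diagnose(probe(server, name, 53), probe(server, name, 0))


if __name__ == "__main__":
    import sys
    # usage: sudo python3 probe.py <dns-server-ip> <domain>
    print(check_server(sys.argv[1], sys.argv[2]))
```

A result of "source-port-filtered" is the condition to report to the remote operator: as the message says, any UDP source port is legitimate for a DNS query, and caching resolvers deliberately use unpredictable source ports, so a filter that admits only source port 53 breaks every well-behaved resolver behind it, NAPT or not.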