Hallam-Baker, Phillip wrote:
>> From: Joe Touch [mailto:[EMAIL PROTECTED] 
> 
>> And with what port would I reach this magical DNS that would 
>> provide the SRV record for the DNS itself?
> 
> You use fixed ports for the bootstrap process and only for the bootstrap
> process.

Which means that the DNS port needs to be well-known or fixed in advance.

Some other issues to be considered:

        - this change would make the DNS required for proper Internet
        operation, whereas it is currently optional (i.e., only for
        finding the IP address).

        - hosts may run services but not have control over their own
        DNS entry (or SRV records)

        - firewalling based on ports would no longer be useful
        (one could argue it should not be, but that's a different issue)

>>> Fixed ports do not work behind NAT. Anyone who wants to deploy IPv6 
>>> would be well advised to pay careful attention to that restriction. 
>>> SRV ports work just fine behind a NAT.
>> Except that many NATs also intercept DNS requests and 
>> redirect them to their own servers, for their own purposes, 
>> which can interfere with SRV records (by design).
> 
> People who do this are rarely trying to break things.

They don't *try* to break things, but they tend to. ;-)

As to 'by design', they're not so much trying to break as to 'help'
(usually for their own purposes).

Joe

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
