On Mon, Aug 15, 2005 at 01:43:23PM -0700, David S. Miller wrote:

> But that's still going to be 48-bits less protection than
> TCP gives you.  TCP has a sequence number (32-bits) and
> a timestamp (another 32-bits) as well as the saddr/daddr/
> sport/dport 48-bit tuple.

I hate it as well hehe. A Large DNS Market Power recently experimented with
forcing DNS over TCP, it was about as much fun as turning on ECN was, and
they've since backed off. I'm looking into SCTP for DNS, but that is really
future material.

> UDP only has saddr/daddr/sport/dport, and that's it.
> Even your 16-bit key in the user component doesn't help
> much at all.

It does help 16 bits :-) Better than nothing. 

> I don't know... if someone wants to look into the implementation
> and it doesn't look too complicated, I'll probably accept the
> patch, but there's no way I'm wasting my time working on this :-)

Ok, I'll see what I can whip up. 

Thanks.

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services