On 16 Oct 2015, at 10:07, Darcy Kevin (FCA) wrote:

> Let's see, millions of full-service resolvers, times the packet-count differential between UDP and TCP, times the average reload/restart frequency of those full-service resolvers per day/week/month. Can't a case be made from sheer volume?

The root operators have shown no concern about legitimate resolvers asking a lot more queries. Given that using TCP for priming helps mitigate an injection attack, and given one extra round trip would be less than 1% of the expected load from these resolvers, the "sheer volume" seems trivial.

> Sorry for bringing math into the discussion.

No need to apologize. If you disagree with my calculations above, that's fine, but if you agree with them, then allowing TCP for priming queries will lead to an insignificant increase in traffic to servers that have said they are able to handle the normal requests just fine.

--Paul Hoffman

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
