>When implementing DNS Cookies, several DNS vendors found that
>impractical as the Client Cookie is typically computed before the Client
>IP address is known. Therefore, the requirement to put Client IP address
>as input to was removed, 
In Section 4.4, the client IP is added to the hash in the creation of the
server cookie.

I wonder what happens if a client alternates between different IP addresses,
for example, the client has multiple interfaces, the client has multiple
IPv6 prefixes on a single interface or a CGNAT device regards different DNS
requests as independent UDP flows and assigns them to different parts of
a CGNAT system.

It is possible that in those cases, a server would force a client to
retry for every request.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
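
Added example (not part of the original message or of the draft): a small Python model of the concern raised above, counting how many lookups are retried when a client's source address alternates. The keyed BLAKE2b hash, the cookie-enforcing server policy, and the single cached server cookie per server are assumptions made for illustration; the draft's actual hash and cookie layout are not reproduced.

```python
import hashlib
import hmac
import itertools

SERVER_SECRET = b"constructed-demo-secret"  # constructed value


def server_cookie(client_cookie: bytes, client_ip: str) -> bytes:
    """Keyed hash over Client Cookie | Client IP.

    Stand-in: keyed BLAKE2b truncated to 8 bytes, not the draft's hash.
    Version and timestamp fields are omitted; only the IP binding matters here.
    """
    return hashlib.blake2b(client_cookie + client_ip.encode(),
                           key=SERVER_SECRET, digest_size=8).digest()


def server_handle(client_cookie, presented, src_ip):
    """Return (answered, cookie_for_client). Models a server that enforces
    cookies (assumption): a missing or mismatching server cookie is refused
    and a fresh cookie for the observed source address is handed back."""
    expected = server_cookie(client_cookie, src_ip)
    ok = presented is not None and hmac.compare_digest(presented, expected)
    return ok, expected


def count_retries(source_ips, queries):
    """Send `queries` lookups, cycling through source_ips. The client caches
    one server cookie for this server (assumption) and retries once from the
    same address after a refusal. Returns the number of retried lookups."""
    client_cookie = b"\x01\x23\x45\x67\x89\xab\xcd\xef"  # constructed, fixed
    cached = None
    retries = 0
    for src_ip in itertools.islice(itertools.cycle(source_ips), queries):
        ok, cached = server_handle(client_cookie, cached, src_ip)
        if not ok:
            retries += 1
            # The retry carries the cookie just issued for this address.
            ok, cached = server_handle(client_cookie, cached, src_ip)
    return retries


if __name__ == "__main__":
    print("stable address:      ", count_retries(["192.0.2.10"], 6))
    print("alternating addresses:", count_retries(["192.0.2.10", "198.51.100.7"], 6))
```

With a stable address only the first lookup is retried; with two alternating addresses every lookup is, because the cached server cookie was always computed over the other address.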
