> > [S4.1, comment] > > > > * "Resolvers and other DNS clients should be aware that some servers > > might not be reachable over TCP. For this reason, clients MAY want > > to track and limit the number of TCP connections and connection > > attempts to a single server." > > > > I think the same comment could be made about paths to a server from > > a given network, e.g., in the case of one network filtering TCP/53 for > > some reason. > > > > I'm not sure how to best reword this to add a per-network notion to > > TCP connection success tracking, but I did want to note that a mobile > > client's measure of TCP connection success to a single server might > > vary from network to network. (for your consideration) > > Is this because mobile devices are more likely to have multiple network > choices (say wifi and cellular data) and so the device should include the > local network when remembering which works and which doesn’t?
Yes, they have multiple networks simultaneously and also through time. What's reachable/unreachable on one network might not be reachable/unreachable on another. Just moving from one Wi-Fi SSID to another can make a difference, e.g.: * imagine two SSIDs that each hand out 8.8.8.8 but have different TCP 53 filtering policies, and * (more concretely) I have DNS-over-TLS active on my phone and on one nearby coffee shop SSID TCP 853 is blocked while on another everything works just fine (Hopefully I'm making some kind of sense.) _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop