> > [S4.1, comment]
> >
> > * "Resolvers and other DNS clients should be aware that some servers
> >   might not be reachable over TCP.  For this reason, clients MAY want
> >   to track and limit the number of TCP connections and connection
> >   attempts to a single server."
> >
> >  I think the same comment could be made about paths to a server from
> >  a given network, e.g., in the case of one network filtering TCP/53 for
> >  some reason.
> >
> >  I'm not sure how to best reword this to add a per-network notion to
> >  TCP connection success tracking, but I did want to note that a mobile
> >  client's measure of TCP connection success to a single server might
> >  vary from network to network.  (for your consideration)
>
> Is this because mobile devices are more likely to have multiple network 
> choices (say wifi and cellular data) and so the device should include the 
> local network when remembering which works and which doesn’t?

Yes, they have multiple networks simultaneously and also through time.
What's reachable/unreachable on one network might not be
reachable/unreachable on another.  Just moving from one Wi-Fi SSID to
another can make a difference, e.g.:

    * imagine two SSIDs that each hand out 8.8.8.8 but have different
      TCP 53 filtering policies, and

    * (more concretely) I have DNS-over-TLS active on my phone and on
      one nearby coffee shop SSID TCP 853 is blocked while on another
      everything works just fine

(Hopefully I'm making some kind of sense.)

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
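
The per-network tracking discussed in the message above, as an added example that is not part of the original thread or of the draft under review. It assumes the client can supply an opaque network identifier (the hypothetical `network_id` strings below); the class name, thresholds and backoff policy are likewise illustrative choices.

```python
import time
from dataclasses import dataclass

@dataclass
class Entry:
    failures: int = 0         # consecutive failed TCP connects
    retry_after: float = 0.0  # clock value before which we do not retry

class TcpReachability:
    """Consecutive-failure tracker keyed by (network, server, port)."""

    def __init__(self, max_failures=3, base_backoff=5.0, max_backoff=300.0,
                 clock=time.monotonic):
        self.max_failures = max_failures
        self.base_backoff = base_backoff
        self.max_backoff = max_backoff
        self._clock = clock
        self._entries = {}

    def should_attempt(self, network_id, server, port):
        e = self._entries.get((network_id, server, port))
        if e is None or e.failures < self.max_failures:
            return True
        return self._clock() >= e.retry_after  # retry once backoff has expired

    def record_failure(self, network_id, server, port):
        e = self._entries.setdefault((network_id, server, port), Entry())
        e.failures += 1
        if e.failures >= self.max_failures:
            # Exponential backoff, capped, so a filtered path is probed rarely.
            steps = min(e.failures - self.max_failures, 16)
            delay = self.base_backoff * 2 ** steps
            e.retry_after = self._clock() + min(delay, self.max_backoff)

    def record_success(self, network_id, server, port):
        # A working path clears the history for this network only.
        self._entries.pop((network_id, server, port), None)

if __name__ == "__main__":
    # Constructed scenario: same resolver address seen from two Wi-Fi networks.
    t = TcpReachability(max_failures=2)
    for _ in range(2):
        t.record_failure("wifi:coffee-shop-a", "8.8.8.8", 853)
    print(t.should_attempt("wifi:coffee-shop-a", "8.8.8.8", 853))
    print(t.should_attempt("wifi:coffee-shop-b", "8.8.8.8", 853))
```

Because the key includes the network, a block on TCP 853 seen on one SSID does not suppress attempts to the same server address on another SSID or on port 53.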
