> On Nov 1, 2021, at 3:29 PM, Erik Kline <ek.i...@gmail.com> wrote: > > Caution: This email originated from outside the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. > >>> [S4.1, comment] >>> >>> * "Resolvers and other DNS clients should be aware that some servers >>> might not be reachable over TCP. For this reason, clients MAY want >>> to track and limit the number of TCP connections and connection >>> attempts to a single server." >>> >>> I think the same comment could be made about paths to a server from >>> a given network, e.g., in the case of one network filtering TCP/53 for >>> some reason. >>> >>> I'm not sure how to best reword this to add a per-network notion to >>> TCP connection success tracking, but I did want to note that a mobile >>> client's measure of TCP connection success to a single server might >>> vary from network to network. (for your consideration) >> >> Is this because mobile devices are more likely to have multiple network >> choices (say wifi and cellular data) and so the device should include the >> local network when remembering which works and which doesn’t? > > Yes, they have multiple networks simultaneously and also through time. > What's reachable/unreachable on one network might not be > reachable/unreachable on another. Just moving from one Wi-Fi SSID to > another can make a difference, e.g.: > > * imagine two SSIDs that each hand out 8.8.8.8 but have different > TCP 53 filtering policies, and > > * (more concretely) I have DNS-over-TLS active on my phone and on > one nearby coffee shop SSID TCP 853 is blocked while on another > everything works just fine > > (Hopefully I'm making some kind of sense.)
Thanks Erik, how does this look to you? <t>Resolvers and other DNS clients should be aware that some servers might not be reachable over TCP. For this reason, clients MAY track and limit the number of TCP connections and connection attempts to a single server. Reachability problems can be caused by network elements close to the server, close to the client, or anywhere along the path between them. Mobile clients that cache connection failures MAY do so on a per-network basis, or MAY clear such a cache upon change of network.</t> DW _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop