[ih] UDP Length Field?

John Kristoff jtk at dataplane.org
Wed Dec 2 12:19:04 PST 2020


On Wed, 2 Dec 2020 12:23:55 -0500
Vint Cerf via Internet-history <internet-history at elists.isoc.org> wrote:

> > DNS shouldn't require TCP to send longer one-off messages. That's
> > like using a private jet plane instead of a car for a family trip
> > because cars only have 2 seats. You should be able to use 2 cars.

While not the initial and primary reason, TCP switchover in DNS has
become widely used to mitigate floods of large, source address spoofed
messages making it to the service interface.  This is more popularly
known as an amplification and reflection style attack.  This situation
arises not only with the DNS, but has been seen with a number of
UDP-based applications.

Some have suggested doing away with UDP entirely on an interdomain
basis due to frustration with uncontrolled senders taking advantage of
this asymmetric imbalance.  While many won't do this for fear of
breaking DNS, NTP, or QUIC, some edge networks (e.g. corp/org networks)
already do.  :-(

John
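To illustrate the truncation-driven TCP switchover John describes, here is an added example in Python (not from the post, and not any DNS implementation's code): a minimal responder that answers a constructed ANY query in full over TCP, but over UDP caps the reply at a size limit by returning a TC=1 response with no answers, which bounds how many bytes a spoofed query can draw out of the server. The 512-byte limit, the name example.com and the 192.0.2.x addresses are constructed assumptions.

```python
import struct

TC_FLAG = 0x0200          # Truncated bit in the DNS header flags
UDP_LIMIT = 512           # assumed UDP reply cap (constructed for this example)


def build_query(name: str, qtype: int, txid: int = 0x1234) -> bytes:
    """Constructed client query: header (RD set, 1 question) + QNAME + QTYPE/QCLASS."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)


def a_record(ip: str, ttl: int = 300) -> bytes:
    """One A RR using a compression pointer (0xC00C) back to the question name."""
    return struct.pack("!HHHIH", 0xC00C, 1, 1, ttl, 4) + bytes(int(o) for o in ip.split("."))


def question_section(query: bytes) -> bytes:
    """Return the question bytes (name + type + class) following the 12-byte header."""
    i = 12
    while query[i] != 0:          # walk the length-prefixed labels to the root byte
        i += query[i] + 1
    return query[12:i + 1 + 4]


def build_response(query: bytes, answers: list, over_tcp: bool, udp_limit: int = UDP_LIMIT) -> bytes:
    """Answer in full over TCP; over UDP, replace an oversized reply with a TC=1 stub."""
    txid = struct.unpack("!H", query[:2])[0]
    question = question_section(query)
    flags = 0x8180                # QR=1, RD=1, RA=1
    full = struct.pack("!HHHHHH", txid, flags, 1, len(answers), 0, 0) + question + b"".join(answers)
    if over_tcp or len(full) <= udp_limit:
        return full
    # Spoofed-source UDP queries can only elicit this small reply; a real client
    # sees TC=1 and retries over TCP, where the source address is validated by the handshake.
    return struct.pack("!HHHHHH", txid, flags | TC_FLAG, 1, 0, 0, 0) + question


def is_truncated(response: bytes) -> bool:
    return bool(struct.unpack("!H", response[2:4])[0] & TC_FLAG)


def amplification(query: bytes, response: bytes) -> float:
    """Bytes sent to the (possibly spoofed) source per byte of query."""
    return len(response) / len(query)


def demo() -> dict:
    query = build_query("example.com", 255)               # ANY query, 29 bytes
    answers = [a_record(f"192.0.2.{i}") for i in range(1, 41)]  # 40 RRs, 16 bytes each
    tcp_reply = build_response(query, answers, over_tcp=True)
    udp_reply = build_response(query, answers, over_tcp=False)
    return {"tcp_amplification": amplification(query, tcp_reply),
            "udp_amplification": amplification(query, udp_reply),
            "udp_truncated": is_truncated(udp_reply)}
```

Note that this caps the per-query byte count only; production servers combine it with response rate limiting, which the example does not implement.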
