Speaker
Mr
Geoff Huston
(APNIC)
Description
There has been some recent interest in the use of TCP for DNS queries as a means of mitigating some of the issues with DNS reflection attacks. However, it is not clear how many clients use DNS resolvers that are capable of asking queries using TCP. This presentation reports on a large scale exercise of presenting clients with DNS names whose resolution generated a truncated UDP response from the authoritative name server, and measuring the number of clients who were capable of performing the query using TCP. The presentation also looks at the performance issues this raises in terms of time to resolve a name, as measured in this experiment.
Primary author
Mr
Geoff Huston
(APNIC)
Co-author
George Michaelson
(APNIC P/L)
