North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ISPs blocking port 53? (was Re: Annoying dynamic DNS updates)
> How should an ISP tell the difference between "good" DNS packets and "bad" > DNS packets? the bad ones are the ones people complain about. > You aren't complaining about your dynamic update packets or even all > dynamic updates. You are complaining about someone sending you packets > you don't want. And more precisely, you are complaining that Comcast is > failing to send you other packets you want to receive, i.e. a response to > your e-mail packets. yup. where "packets i do not want" could as easily be ddos ("zwil") or spam. > I've been thinking how to use ICMP to signal different types of > responses; and even how "smart" edges on both ends of a communication > could establish and enforce policies. Most of these are non-malicious > communications involving misconfigured systems. Edge communications > avoids problems with the host system, but has problems with multi-path > communications and source validation. the whole end-to-end argument depends on uniform clue distribution for scale.
|