
Re: Guidance needed on well known ports

2006-03-19 22:02:39

Hallam-Baker, Phillip wrote:
From: Joe Touch [mailto:touch(_at_)ISI(_dot_)EDU] 

And with what port would I reach this magical DNS that would 
provide the SRV record for the DNS itself?

You use fixed ports for the bootstrap process and only for the bootstrap

Which means that the DNS port needs to be well-known or fixed in advance.

Some other issues to be considered:

        - this change would make the DNS required for proper Internet
        operation, whereas it is currently optional (i.e., only for
        finding the IP address).

        - hosts may run services but not have control over their own
        DNS entry (or SRV records)

        - firewalling based on ports would no longer be useful
        (one could argue it should not be, but that's a different issue)

Fixed ports do not work behind NAT. Anyone who wants to deploy IPv6 
would be well advised to pay careful attention to that restriction. 
SRV ports work just fine behind a NAT.

Except that many NATs also intercept DNS requests and
redirect them to their own servers, for their own purposes, 
which can interfere with SRV records (by design).

People who do this are rarely trying to break things.

They don't *try* to break things, but they tend to. ;-)

As to 'by design', they're not so much trying to break as to 'help'
(usually for their own purposes).


Ietf mailing list