(IPng 4133) Re: An idea to bounce off people: storing routing info in the DNS instead of the routers.

Michael Gersten michael at STB.INFO.COM
Sun Jul 20 14:35:00 EDT 1997


>having a stack believe a redirect with loose source route
>is an engraved invitation to wholesale hijacking
>
>	-mo

Lovely.

This whole idea is based on a trade-off: routers will spend
less time dealing with a routing table, a little more time
with the DNS, and most of that will then get sent back to
the originating sites. What little does not get sent back will
be in the DNS cache.

If there's no solution to the redirect security, then that
can't go in, and the DNS cache use by the routers becomes
a huge problem, and this trade-off no longer works.

V6 solves the router security problem by requiring a
router message to have a TTL of 254. The question is,
can v4 handle that as well, or is this now a case of
creating IP v5, as an incremental improvement over v4
(really just this one issue)?

(What's wrong with v6? The whole question of TCP vs TCPv6,
only one chance to do v6 right, the compatibility issues,
how will v6 routing really happen, etc. With only one chance
to implement v6, we want to do it right, and not be pressed
for time. This idea of mine should add another 3-5 years,
giving v6 a better opportunity to be done right the first time.)


