From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.lang.hm (unknown [66.167.227.145]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 1C9383B29E for ; Mon, 17 Apr 2023 15:00:01 -0400 (EDT) Received: from dlang-mobile (unknown [10.2.2.69]) by mail.lang.hm (Postfix) with ESMTP id 36975186C2D; Mon, 17 Apr 2023 12:00:00 -0700 (PDT) Date: Mon, 17 Apr 2023 12:00:00 -0700 (PDT) From: David Lang To: "Rodney W. Grimes" cc: David Lang , =?ISO-8859-15?Q?David_Fern=E1ndez?= , starlink@lists.bufferbloat.net In-Reply-To: <202304171438.33HEcqi7056122@gndrsh.dnsmgr.net> Message-ID: References: <202304171438.33HEcqi7056122@gndrsh.dnsmgr.net> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Subject: Re: [Starlink] fiber IXPs in space X-BeenThere: starlink@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Starlink has bufferbloat. Bad." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Apr 2023 19:00:01 -0000 On Mon, 17 Apr 2023, Rodney W. Grimes wrote: >> On Sun, 16 Apr 2023, David Fern?ndez via Starlink wrote: >> >>> The idea would be that the satellite inspects IP packets and when it >>> detects a DNS query, instead of forwarding the packet to ground >>> station, it just answers back to the sender of the query. >> >> This would be a bad way to implement it. You don't want to override queries to >> other DNS servers, but it would be very easy to create an anycast address that >> is served by the satellites. > > Yes, and the later is what I proposed, the idea of intercepting > someone ELSE'S anycast address and processing it would be > wrong in many ways, in effect a Man In the Middle attack > as stated else where. I was assuming that it would be done in coordination with the existing user, not as a stealth optimization. I should have made that clear. David Lang