"Kevin Oberman" <oberman@es.net> writes:
> He said that if the protocols would not handle blocked 53/tcp, the
> protocols would have to be changed. Opening the port was simply not
> open to discussion.Do they also believe that all DNS replies are less than 512 bytes?
Sure, why not.
The phrase "simply not open to discussion" in this context can be
accurately read as "we were told this was good, but couldn't possibly
defend the line of reasoning since we have no clue what it was."
It's like debating PMTU brokenness with someone who feels that
blocking all ICMP is a Really Smart Clever Good Thing To Do, because
someone told them all about evil ICMP.
Sometimes, the happiest solution is to let the pain rain.
... JG