NNPS / TCP port 433
Julien ÉLIE
julien at trigofacile.com
Sun Dec 12 09:51:20 UTC 2021
Hi Grant,
>> _nnsp._tcp SRV 10 1 119 news.server.com.
>> _nntp._tcp SRV 10 1 119 news.server.com.
>> _nntps._tcp SRV 0 1 563 news.server.com.
>> _nnsps._tcp SRV 0 1 433 news.server.com.
>
> My issue with this example is that you are using different service names
> in each of the records. Thus clients are going to need to enter
> something different depending on what they want.
>
>> to say that nntps has more priority (0) than nntp (10).
>
> Except I don't think that it does /because/ of the different service
> names nntps != nntp.
It can do:
[RFC 6186]
The priority field in the SRV RR allows a domain to indicate that
some records have a higher preference than others in the DNS query
results (determined by those records having a lower-numbered priority
value). Typically, this is used for choosing a record from a set for
a single service label; however, it is not restricted to choice
within only one service.
Often a site will offer both IMAP and POP3 message store access
services for users. However, the site may have a preference for one
over the other that they want to convey to the user to ensure that,
when the user has an MUA capable of using both IMAP and POP3, the
preferred choice is used.
To aid with this choice, sites SHOULD offer both sets of IMAP (_imap
and/or _imaps) and POP3 (_pop3 and/or _pop3s) SRV records in their
DNS and set the priority for those sets of records such that the
"preferred" service has a lower-numbered priority value than the
other. When an MUA supports both IMAP and POP3, it SHOULD retrieve
records for both services and then use the service with the lowest
priority value. If the priority is the same for both services, MUAs
are free to choose whichever one is appropriate. When considering
multiple records for different protocols at the same priority but
with different weights, the client MUST first select the protocol it
intends to use, then perform the weight selection algorithm given in
[RFC2782] on the records associated with the selected protocol.
Example: service records for both IMAP and POP3, with IMAP having a
lower-numbered priority value (0) than POP3 (10), indicating to the
MUA that IMAP is preferred over POP3, when the MUA can support either
service.
_imap._tcp SRV 0 1 143 imap.example.com.
_pop3._tcp SRV 10 1 110 pop3.example.com.
>> Port 433 uses implicit TLS, as mentioned for NNSPS.
>> If NNSP pointed to 433 (or even both 119 and 433), it would have meant
>> that port 433 does not use implicit TLS.
>
> Okay.
That's what we wanted to achieve.
> I've not /yet/ found any way that's not remotely hacky to shoe horn SRV
> support into things that aren't coded for it. E.g. I can't have
> `telnet` or `netcat` use SRV records.
Use of SRV records is not wide-spread at all...
It seems like e-mail clients haven't implemented it but use other
mechanisms of autodiscovery or like. Nonetheless, it does not mean we
could not try for NNTP/NNSP.
> Sure, I can come up with some sort of hack to do the sorting to find a
> top contender. I can even extend it to return the target and port in a
> way that the client program can use it. E.g.
>
> `telnet $(mySRVresolver _nntp._tcp.trigofacile.com)`
>
> Where mySRVresolver returns `news.trigofacile.com 119` which `telnet`
> can use as input.
>
> Theoretically I can even have mySRVresolver attempt connections in the
> proper order and return the first one that can successfully connect.
>
> But what I can't do is have telnet re-try the next lower priority
> candidate if the previous higher priority candidate failed to connect. I
> will have to re-try / re-start the telnet command. So ... how do I
> communicate to mySRVresolver that the previous connection failed, so
> don't return it? Or so on and so forth?
Isn't it the same thing as when there are several DNS servers to try?
When one does not respond, the secondary should be queried, and so forth.
I agree that using SRV is not natively supported in these utilities...
--
Julien ÉLIE
« – Il t'arrive une tuile ?
– Oui, je ne peux pas payer mon ardoise. »
More information about the inn-workers
mailing list