[dns-operations] UDP fragmentation while not needed/wanted DS www.veilingzaalmelase.be

Florian Weimer fw at deneb.enyo.de
Wed Mar 24 22:25:48 UTC 2021


* Thor Spruyt:

> Packets:
>
> $ sudo tcpdump -nn -p host 2a02:348:a1:bd32::1
> 19:33:04.426128 IP6 2a02:1111:1111::1.60034 > 2a02:348:a1:bd32::1.53: 10024 [1au] DS? www.veilingzaalmelase.be. (53)
> 19:33:04.434834 IP6 2a02:348:a1:bd32::1 > 2a02:1111:1111::1: frag (0|1232) 53 > 60034: 10024*- 0/4/1 (1224)
> 19:33:04.434846 IP6 2a02:348:a1:bd32::1 > 2a02:1111:1111::1: frag (1232|66)
>
> So the server responds with 2 fragments, while there should be no
> reason for this.

Proactive fragmentation irrespective of path MTU is required for
stateless IPv6 UDP services.  Unlike IPv4, the network does not
fragment packets.  So a UDP service has to conservatively fragment
around 1200 or so bytes (to account for tunnel overhead).  Or perhaps
send a TC response instead, and avoid fragmentation altogether.
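Added example, not part of the original message: a small Python parser that takes the two fragment lines quoted above and works out how large the reassembled response is compared with the 1280-byte IPv6 minimum MTU (RFC 8200). The function name and the rule for grouping fragments are assumptions made for this illustration.

```python
import re

IPV6_MIN_MTU, IPV6_HDR, FRAG_HDR, UDP_HDR = 1280, 40, 8, 8  # bytes (RFC 8200, RFC 768)

# Constructed sample: the two fragment lines quoted in the message above.
SAMPLE = """\
19:33:04.434834 IP6 2a02:348:a1:bd32::1 > 2a02:1111:1111::1: frag (0|1232) 53 > 60034: 10024*- 0/4/1 (1224)
19:33:04.434846 IP6 2a02:348:a1:bd32::1 > 2a02:1111:1111::1: frag (1232|66)
"""

# Non-verbose tcpdump prints "frag (offset|length)"; length counts the bytes
# that follow the IPv6 fragment header.
FRAG_RE = re.compile(r"IP6 (\S+) > (\S+): frag \((\d+)\|(\d+)\)")

def reassembled_sizes(capture):
    """Group fragments per (src, dst) and return size facts for each datagram.

    Assumption: the fragment ID is not printed without -v, so a fragment at
    offset 0 is treated as the start of a new datagram for that address pair.
    """
    datagrams, open_by_flow = [], {}
    for line in capture.splitlines():
        m = FRAG_RE.search(line)
        if not m:
            continue
        flow, off, length = (m.group(1), m.group(2)), int(m.group(3)), int(m.group(4))
        if off == 0 or flow not in open_by_flow:
            open_by_flow[flow] = {"flow": flow, "frags": []}
            datagrams.append(open_by_flow[flow])
        open_by_flow[flow]["frags"].append((off, length))
    results = []
    for d in datagrams:
        udp_len = max(off + length for off, length in d["frags"])  # UDP header + DNS message
        whole = IPV6_HDR + udp_len  # packet size if it had been sent unfragmented
        results.append({
            "flow": d["flow"],
            "fragments": len(d["frags"]),
            "dns_bytes": udp_len - UDP_HDR,
            "largest_fragment_packet": IPV6_HDR + FRAG_HDR + max(l for _, l in d["frags"]),
            "unfragmented_packet": whole,
            "fits_min_mtu": whole <= IPV6_MIN_MTU,
        })
    return results

if __name__ == "__main__":
    for r in reassembled_sizes(SAMPLE):
        print(r)
```

For the quoted capture this reports a 1290-byte DNS message that would need a 1338-byte packet unfragmented, with the first fragment filling exactly 1280 bytes on the wire.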


