[dns-operations] DNS deluge for x.p.ctrc.cc

william(at)elan.net william at elan.net
Mon Feb 27 00:42:21 UTC 2006

On Mon, 27 Feb 2006, Gadi Evron wrote:

> Roland Dobbins wrote:
>> I wasn't talking about just smurf-like with that type of
>> amplification effect, nor just tricks like asking for 4K TXT records,
>> etc.; rather, some interesting logical relationships that Dan and
>> Mike have uncovered between some open recursive nameservers and
>> heretofore unknown resolvers of one flavor or another.
> I have a question someone here may be able to answer...
> Rob mentioned earlier these should be limited to 512 ATM, as a best
> practice - and as far as I see it, a band-aid stop-gap effort.... which
> makes sense.
> Some (I think it was Bill?) said this can kill some applications such as
> DNS-SEC, now.. not to nitpick but I don't exactly see DNS-SEC around.
> What other applications using larger packets would it break?
> How large would the packets for these applications be? Surely if they
> are, say, 1024, it's better than 4 K's.
> :)

Is it? Why?

It's one UDP packet no matter what. The problem is really that
packets > 1.4k will often result in fragmentation, since the typical
MTU is 1500. So this is likely to be a good limit to use for UDP
DNS responses as well.

BTW - personally I've never understood why the original designers wanted
to limit it to only 512 bytes and then go to TCP.

William Leibzon
Elan Networks
william at elan.net
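As an added illustration of the sizing argument in the reply above (my own code, not part of the original thread), a small Python helper that derives the no-fragmentation ceiling from the MTU and then applies it the way a server would when choosing between a UDP answer and a truncated (TC=1) answer that pushes the client to TCP; the function names, the `server_cap` knob and the header constants are assumptions for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Header sizes used to derive the no-fragmentation ceiling (Ethernet MTU assumed).
IPV4_HEADER = 20
IPV6_HEADER = 40
UDP_HEADER = 8
CLASSIC_DNS_LIMIT = 512   # pre-EDNS0 UDP limit; larger answers go to TCP


def udp_payload_ceiling(mtu: int = 1500, ipv6: bool = False) -> int:
    """Largest DNS message that fits one datagram on this MTU without fragmenting."""
    ip_header = IPV6_HEADER if ipv6 else IPV4_HEADER
    return mtu - ip_header - UDP_HEADER


@dataclass
class Decision:
    limit: int        # UDP byte limit that applied to this answer
    truncated: bool   # True: send a TC=1 reply and expect the client to retry over TCP
    reason: str


def size_udp_response(response_len: int, client_bufsize: Optional[int],
                      mtu: int = 1500, ipv6: bool = False,
                      server_cap: Optional[int] = None) -> Decision:
    """Decide whether an answer of response_len bytes may leave over UDP.

    client_bufsize: EDNS0 payload size the client advertised, or None when the
    query carried no OPT record (then only the classic 512-byte limit applies).
    server_cap: hypothetical operator ceiling; defaults to the no-fragmentation
    ceiling for the MTU, i.e. the ~1.4k the post argues for.
    """
    if server_cap is None:
        server_cap = udp_payload_ceiling(mtu, ipv6)
    if client_bufsize is None:
        limit = CLASSIC_DNS_LIMIT
    else:
        # Never exceed what the client can take, and never exceed our own cap,
        # even if the client advertises 4096: that is where fragments come from.
        limit = min(client_bufsize, server_cap)
    if response_len <= limit:
        return Decision(limit, False, f"{response_len} bytes fit within {limit}")
    return Decision(limit, True,
                    f"{response_len} bytes exceed {limit}; set TC, answer in full over TCP")


if __name__ == "__main__":
    # Constructed sample cases: no-EDNS queries and a client advertising 4096.
    for size, buf in ((300, None), (1024, None), (1024, 4096), (4096, 4096)):
        print(f"resp={size:5d} edns={buf}: {size_udp_response(size, buf).reason}")
```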
