[dns-operations] DNS deluge for x.p.ctrc.cc

william(at)elan.net william at elan.net
Mon Feb 27 00:42:21 UTC 2006


On Mon, 27 Feb 2006, Gadi Evron wrote:

> Roland Dobbins wrote:
>> I wasn't talking about just smurf-like with that type of
>> amplification effect, nor just tricks like asking for 4K TXT records,
>> etc.; rather, some interesting logical relationships that Dan and
>> Mike have uncovered between some open recursive nameservers and
>> heretofore unknown resolvers of one flavor or another.
>
> I have a question someone here may be able to answer...
>
> Rob mentioned earlier these should be limited to 512 ATM, as a best
> practice - and as far as I see it, a band-aid stop-gap effort.... which
> makes sense.
>
> Some (I think it was Bill?) said this can kill some applications such as
> DNS-SEC, now.. not to nitpick but I don't exactly see DNS-SEC around.
>
> What other applications using larger packets would it break?
>
> How large would the packets for these applications be? Surely if they
> are, say, 1024, it's better than 4 K's.
> :)

Is it? Why?

It's one UDP packet no matter what. The problem is really that
packets > 1.4k will often result in fragmentation since typical
MTU is 1500. So this is likely to be a good limit to use for UDP
DNS responses as well.

BTW - personally I've never understood why original designers wanted
to limit it to only 512 bytes and then go to TCP.

-- 
William Leibzon
Elan Networks
william at elan.net
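As an added example that is not part of this thread (and not anyone's code from it), a Python model of the server-side cap under discussion: answer records are dropped until the response fits a byte limit, and the TC bit is set so the client retries over TCP. Running it with limits of 512, 1400 and 4096 shows how each choice changes the amplification factor and whether the datagram would fragment on a 1500-byte MTU path. The query name, the 15-record TXT answer set and the 28-byte IPv4/UDP overhead are constructed assumptions for illustration.

```python
import struct

TC_FLAG = 0x0200      # header flag: response truncated, retry over TCP (RFC 1035)
IP_UDP_OVERHEAD = 28  # assumed on-wire overhead: IPv4 header (20) + UDP header (8)
QTYPE_TXT, CLASS_IN = 16, 1

def encode_name(name: str) -> bytes:
    """Wire-format owner name: length-prefixed labels, terminated by a zero byte."""
    return b"".join(bytes([len(lbl)]) + lbl.encode() for lbl in name.split(".")) + b"\x00"

def build_query(qname: str, qid: int = 0x1234) -> bytes:
    """A plain (non-EDNS) TXT query: 12-byte header + one question."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    return header + encode_name(qname) + struct.pack("!HH", QTYPE_TXT, CLASS_IN)

def txt_rdata(text: str) -> bytes:
    """TXT RDATA is a sequence of <character-string>s, each at most 255 bytes."""
    return bytes([len(text)]) + text.encode()

def build_response(qname: str, rdatas: list, limit: int, qid: int = 0x1234) -> bytes:
    """Assemble a response, dropping whole answer RRs from the end until the
    message fits `limit` bytes; set TC whenever anything had to be dropped."""
    question = encode_name(qname) + struct.pack("!HH", QTYPE_TXT, CLASS_IN)
    # 0xC00C is a compression pointer to the question name at offset 12
    answers = [struct.pack("!HHHIH", 0xC00C, QTYPE_TXT, CLASS_IN, 300, len(rd)) + rd
               for rd in rdatas]
    kept = len(answers)
    while kept and 12 + len(question) + sum(len(a) for a in answers[:kept]) > limit:
        kept -= 1
    flags = 0x8180 | (TC_FLAG if kept < len(answers) else 0)  # QR, RD, RA (+TC)
    header = struct.pack("!HHHHHH", qid, flags, 1, kept, 0, 0)
    return header + question + b"".join(answers[:kept])

def is_truncated(msg: bytes) -> bool:
    return bool(struct.unpack("!H", msg[2:4])[0] & TC_FLAG)

def amplification(query: bytes, response: bytes) -> float:
    """Bytes returned per byte received: the figure an amplification abuser gains."""
    return len(response) / len(query)

def will_fragment(msg: bytes, mtu: int = 1500) -> bool:
    """True when the datagram would exceed the path MTU and be fragmented."""
    return len(msg) + IP_UDP_OVERHEAD > mtu

if __name__ == "__main__":
    q = build_query("x.p.ctrc.cc")
    big = [txt_rdata("A" * 255)] * 15  # constructed: fifteen 255-byte TXT strings, ~4 KB
    for limit in (512, 1400, 4096):
        r = build_response("x.p.ctrc.cc", big, limit)
        print(f"limit={limit:5d} size={len(r):5d} TC={is_truncated(r)!s:5} "
              f"amp={amplification(q, r):6.1f}x fragment={will_fragment(r)}")
```

With the 512 limit only one record survives and amplification stays near 10x; at 1400 five records fit without fragmenting; at 4096 the full ~4 KB answer goes out unfragmented only at the IP layer's expense.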
