[dns-operations] Strange problem with fragmented DNS responses from b.iana-servers.net
RL Vaughn
rl_vaughn at baylor.edu
Mon Dec 8 22:03:05 UTC 2008
I am on a broadband connection from grandecom. The second
fragment arrives successfully.
Randy
Duane Wessels wrote:
> Hi Everyone,
>
> A few weeks ago while working on the TLDmon scripts I noticed a
> strange problem with b.iana-servers.net. That server is one of
> three that are authoritative for some IDN TLDs such as XN--9T4B11YI5A
> and XN--KGBECHTV.
>
> The problem I'm having is with this query:
>
> dig +bufsiz=2048 @b.iana-servers.net XN--9T4B11YI5A rrsig
>
> The response is larger than 1500 bytes so it gets fragmented. I
> receive the first fragment, but not the second. But this only
> happens when I query from hosts on ISC's network.
>
> The query works if the query is changed to one of the other TLDs
> such as XN--KGBECHTV
>
> The query works for a.iana-servers.net and c.iana-servers.net.
>
> The query works over TCP.
>
> The query works from non-ISC hosts that I have been able to test
> from.
>
> The folks at ICANN ran tcpdump on the server and we saw both fragments
> leave the server.
>
> So far the problem seems localized to ISC's network, but we are at
> a loss to explain what could be causing it. ISC tells me they have
> no packet filters on their peer/transit provider links.
>
> I'm really curious if anyone else sees this problem from their own
> networks or not.
>
> Duane W.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
More information about the dns-operations
mailing list