[dns-operations] No public calendar for the root signing deployment
Mark Andrews
marka at isc.org
Tue Dec 15 13:57:20 UTC 2009
In message <82vdg8r5pk.fsf at mid.bfk.de>, Florian Weimer writes:
> * Mark Andrews:
>
> > Note: The host OS is NOT RFC compliant and should be upgraded.
> >
> > RFC 1191: 6.1. Layering
>
> > We do not want the IP layer to simply set the DF bit
> > in every packet, since it is possible that a packetization layer,
> > perhaps a UDP application outside the kernel, is unable to change its
> > datagram size. Protocols involving intentional fragmentation, while
> > inelegant, are sometimes successful (NFS being the primary example),
> > and we do not want to break such protocols.
>
> The kernel can run path MTU discovery on its own and fragment to the
> path MTU instead of the link MTU. I think this wasn't considered when
> RFC 1191 was written.
Which doesn't change anything. The kernel still shouldn't be setting
DF on any packet, without being instructed to, if it is not responsible
for the retransmission of that packet.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations
mailing list