[dns-operations] PMTUD of .org servers
fw at deneb.enyo.de
Sat Jun 20 14:14:23 UTC 2009
* Michael Graff:
> Florian Weimer wrote:
>> With UDP, it can also be implemented in the kernel. It fragments down
>> to the path MTU when sending the packet. This ensures that the number
>> of packets is minimized, so it's not entirely pointless.
> If the purpose here is to avoid generating fragments due to incorrectly
> blocking them on the client's end (or something in the path) then what
> does PMTU buy us for UDP, again?
I think this question is somewhat misguided because you can't consider
such aspects in isolation. For example, suppose that the path in
question has a packet loss probability at the IP layer of 0.001 and an
MTU of 1450 bytes. The server wants to send a DNSKEY response,
consisting of 3100 bytes. Without PMTUD, you end up with 7 packets,
and about 0.007 probability of packet loss. With PMTUD, there are only
3 packets, and the loss probability is 0.003. Of course, it's
theoretically possible to split a packet into approximately
equal-sized fragments (without setting the DF bit), but I don't think
anybody does this.