[dns-operations] How much trouble am in in on May 5?

Edward Lewis Ed.Lewis at neustar.biz
Wed May 5 12:11:45 UTC 2010

At 12:26 +0200 5/5/10, Joe Abley wrote:

>Clients who request answers over UDP without EDNS0 (the clients you're
>talking about, following the original DNS spec size) cannot set the DO bit,
>and hence ought not receive larger responses.

Except for the example below.

>A quick survey (from a single point source) did not reveal any root server
>currently serving the DURZ that issues >512 byte responses to queries
>received over UDP without EDNS0. Have you found otherwise?

Something that will probably cause some confusion is doing this:

$ dig @$x.root-servers.net . dnskey

And seeing "trying TCP" in the response.

I had done this to recall which letter was "going" today, and was a 
bit surprised to see TCP responses until I realized what I had done. 
I wouldn't be surprised if a few people misinterpret the outcome.

Granted, a DNSKEY query wouldn't be done unless you were thinking about DNSSEC.
Edward Lewis
NeuStar                    You can leave a voice message at +1-571-434-5468

Discussing IPv4 address policy is like deciding what to eat on the Titanic.

More information about the dns-operations mailing list