[dns-operations] How much trouble am in in on May 5?

George Barwood george.barwood at blueyonder.co.uk
Wed May 5 13:18:47 UTC 2010


----- Original Message ----- 
From: "Edward Lewis" <Ed.Lewis at neustar.biz>
To: <dns-operations at mail.dns-oarc.net>
Cc: <ed.lewis at neustar.biz>
Sent: Wednesday, May 05, 2010 1:11 PM
Subject: Re: [dns-operations] How much trouble am in in on May 5?


> At 12:26 +0200 5/5/10, Joe Abley wrote:
> 
>>Clients who request answers over UDP without EDNS0 (the clients you're
>>talking about, following the original DNS spec size) cannot set the DO bit,
>>and hence ought not receive larger responses.
> 
> Except for the example below.
> 
>>A quick survey (from a single point source) did not reveal any root server
>>currently serving the DURZ that issues >512 byte responses to queries
>>received over UDP without EDNS0. Have you found otherwise?
> 
> Something that will probably cause some confusion is doing this:
> 
> $ dig @$x.root-servers.net . dnskey
> 
> And seeing "trying TCP" in the response.
> 
> I had done this to recall which letter was "going" today, and was a 
> bit surprised to see TCP responses until I realized what I had done. 
> I wouldn't be surprised if a few people misinterpret the outcome.
> 
> Granted, a DNSKEY query wouldn't be done unless you were thinking about DNSSEC.

But 

dig @j.root-servers.net . ANY

does not require DNSSEC thoughts. I wouldn't anticipate problems with this though,
although there are potential issues with qmail when signing mail domains later on.

George barwood


> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis
> NeuStar                    You can leave a voice message at +1-571-434-5468
> 
> Discussing IPv4 address policy is like deciding what to eat on the Titanic.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations


More information about the dns-operations mailing list