[dns-operations] How much trouble am in in on May 5?
george.barwood at blueyonder.co.uk
Wed May 5 13:18:47 UTC 2010
----- Original Message -----
From: "Edward Lewis" <Ed.Lewis at neustar.biz>
To: <dns-operations at mail.dns-oarc.net>
Cc: <ed.lewis at neustar.biz>
Sent: Wednesday, May 05, 2010 1:11 PM
Subject: Re: [dns-operations] How much trouble am in in on May 5?
> At 12:26 +0200 5/5/10, Joe Abley wrote:
>>Clients who request answers over UDP without EDNS0 (the clients you're
>>talking about, following the original DNS spec size) cannot set the DO bit,
>>and hence ought not receive larger responses.
> Except for the example below.
>>A quick survey (from a single point source) did not reveal any root server
>>currently serving the DURZ that issues >512 byte responses to queries
>>received over UDP without EDNS0. Have you found otherwise?
> Something that will probably cause some confusion is doing this:
> $ dig @$x.root-servers.net . dnskey
> And seeing "trying TCP" in the response.
> I had done this to recall which letter was "going" today, and was a
> bit surprised to see TCP responses until I realized what I had done.
> I wouldn't be surprised if a few people misinterpret the outcome.
> Granted, a DNSKEY query wouldn't be done unless you were thinking about DNSSEC.
dig @j.root-servers.net . ANY
does not require DNSSEC thoughts. I wouldn't anticipate problems with this though,
although there are potential issues with qmail when signing mail domains later on.
> Edward Lewis
> NeuStar You can leave a voice message at +1-571-434-5468
> Discussing IPv4 address policy is like deciding what to eat on the Titanic.
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
More information about the dns-operations