[dns-operations] DNS ANY requests / UltraDNS

Florian Weimer fw at deneb.enyo.de
Thu Jan 10 07:11:24 UTC 2013


* Mark Andrews:

> Instead of just causing everyone to hack their code to force TCP,
> just return NOERROR, TC=1 and legitimate clients will fall back to TCP
> without all the other side effects of this ill-considered change.

This will still break things because prior to the change, large
authoritative ANY responses are truncated without setting TC=1.  After
the change, large ANY responses enter the cache and trigger TC=1
responses to stub resolvers (recursors do not silently truncate ANY
responses, it seems), which may not be prepared to accept such large
responses (or even fall back to TCP).

Some breakage is unavoidable.  Considering that ANY queries rarely
give the results expected by the sender, refusing them outright makes
sense to me.
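
Added example, not part of the original message: a sketch of the stub-side decision discussed above, showing that a silently truncated UDP response (TC=0) is accepted as complete while a NOERROR, TC=1 response triggers a TCP retry. The function names, the query ID, the name example.com and the 192.0.2.1 address are constructed for illustration.

```python
import struct

QTYPE_ANY, CLASS_IN = 255, 1
FLAG_QR, FLAG_TC, FLAG_RD = 0x8000, 0x0200, 0x0100

def build_query(qid, name, qtype=QTYPE_ANY):
    """Encode a one-question query with RD set (ANY by default)."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return (struct.pack("!6H", qid, FLAG_RD, 1, 0, 0, 0) + qname
            + struct.pack("!2H", qtype, CLASS_IN))

def build_response(query, tc, addrs):
    """Constructed test response: echoes the question, appends A records."""
    qid = struct.unpack("!H", query[:2])[0]
    flags = FLAG_QR | FLAG_RD | (FLAG_TC if tc else 0)  # RCODE 0 = NOERROR
    # 0xC00C is a compression pointer back to the question name at offset 12.
    rrs = b"".join(struct.pack("!HHHIH4B", 0xC00C, 1, CLASS_IN, 60, 4, *a)
                   for a in addrs)
    return struct.pack("!6H", qid, flags, 1, len(addrs), 0, 0) + query[12:] + rrs

def parse_header(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    return {"id": qid, "qr": bool(flags & FLAG_QR), "tc": bool(flags & FLAG_TC),
            "rcode": flags & 0x000F, "ancount": an}

def next_step(query, udp_response):
    """What a stub does with a UDP reply: 'drop', 'retry-tcp' or 'accept'."""
    q, r = parse_header(query), parse_header(udp_response)
    if not r["qr"] or r["id"] != q["id"]:
        return "drop"        # not a response to this query
    if r["tc"]:
        return "retry-tcp"   # the only in-band signal that data is missing
    return "accept"          # TC=0: nothing marks the answer set as incomplete

def tcp_frame(query):
    """TCP transport prefixes each message with a two-byte length (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(query)) + query

# Constructed sample data.
QUERY = build_query(0x1234, "example.com")
SILENT = build_response(QUERY, tc=False, addrs=[(192, 0, 2, 1)])  # cut short, TC=0
FLAGGED = build_response(QUERY, tc=True, addrs=[])                # NOERROR, TC=1

if __name__ == "__main__":
    print(next_step(QUERY, SILENT), next_step(QUERY, FLAGGED))
```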


