[dns-operations] on fragmentation attacks; see also RFC 6013

Jared Mauch jared at puck.nether.net
Fri Sep 13 22:48:44 UTC 2013

On Sep 13, 2013, at 5:58 PM, Paul Vixie <paul at redbarn.org> wrote:

>> Although I think it is valid to argue that DNS TCP requires 3x RTTs if
>> you want to count the original question over UDP + the TC=1 response.
>> But I don't think that's what you are saying in the article. Am I
>> interpreting it wrong?
> i was not counting a UDP TC=1 round trip, because i wanted to loosely
> model a TCP-only TCP-all-the-time scenario.
> off topic:

I'm always off-topic, but let me try here...

Last night I re-poked at my dataset and captured the TC=1 responses I have from my weekly scans.


Check for the "TC=1" lines.

I've not added them to the graphs yet, but that's coming once I figure out the best place for them.

- Jared

