[dns-operations] on fragmentation attacks; see also RFC 6013
Jared Mauch
jared at puck.nether.net
Fri Sep 13 22:48:44 UTC 2013
On Sep 13, 2013, at 5:58 PM, Paul Vixie <paul at redbarn.org> wrote:
>> Although i think it is valid to argue that DNS TCP requires 3x RTTs if
>> you want to count the original question over UDP + the TC=1 response.
>> But I don't think that's what you are saying in the article. Am I
>> interpreting it wrong?
>
> i was not counting a UDP TC=1 round trip, because i wanted to loosely
> model a TCP-only TCP-all-the-time scenario.
>
> off topic:
I'm always off-topic, but let me try here...
Last night I re-poked at my dataset and captured the TC=1 responses I have from my weekly scans.
http://openresolverproject.org/breakdown.cgi
Check for the "TC=1" lines.
I've not added them to the graphs yet, but that's coming once I figure out the best place for them.
- Jared