[dns-operations] EDNS with IPv4 and IPv6 (DNSSEC or large answers)
Mark Andrews
marka at isc.org
Sun Sep 14 23:48:47 UTC 2014
In message <3CB37B5B-FA6C-42F7-8CCF-7EB40AE296BD at arbor.net>, Roland Dobbins wri
tes:
>
> On Sep 13, 2014, at 6:58 PM, Mark Andrews <marka at isc.org> wrote:
>
> > But do force IPv6 to fragment at 1280. This advoids PMTUD.
>
> Personally, I'd rather see pressure on networks to do The Right Thing in te=
> rms of ICMPv6 . . .
>
> ;>
PMTUD for DNS/UDP is a pain in the butt. Even if you get a PTB
message you do not have the data to resend the packet with a different
fragmentation point. This is why the precurser to IPV6_USE_MIN_MTU
was invented back in the 1990's. Some data streams work with PMTUD
and some don't. This is also the same reason that with IPv4 that
PMTUD is only supposed to be on by default for TCP and not for
anything else. Named also tries to disable PMTUD for IPv4 when the
stack mis-implements PMTUD.
DNS/TCP doesn't have this issue but there is no real benefit, except
maybe for large zone transfers, in trying to find the biggest path
MTU when 1280 is quite acceptable for DNS/TCP. The occasional extra
packet on a DNS/TCP transaction is not harmful in the great scheme
of things.
This isn't about getting the network to do the right thing as much
as it should. It is about PMTUD being a bad fit for DNS.
Mark
> ----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
> Equo ne credite, Teucri.
>
> -- Laoco=F6n
>
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations
mailing list