[dns-operations] EDNS with IPv4 and IPv6 (DNSSEC or large answers)
Roland Dobbins
rdobbins at arbor.net
Tue Sep 23 21:34:00 UTC 2014
On Sep 24, 2014, at 12:16 AM, Florian Weimer <fw at deneb.enyo.de> wrote:
> Fragmentation in IPv4 is inherently insecure.
Conceptually, yes, it's a Very Bad Idea. But given the realities of the TCP/IP we have, it's important that network operators understand that they can't filter out non-initial fragments, or they'll break the Internet for their customers.
----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Equo ne credite, Teucri.
-- Laocoön
More information about the dns-operations
mailing list