[dns-operations] Always replying to UDP requests with TC=1, good practice or not

Paul Vixie paul at redbarn.org
Mon Oct 19 17:16:11 UTC 2015


On Monday, October 19, 2015 12:38:17 Tony Finch wrote:
> Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> > I can reproduce it with NSD (ipv4-edns-size: 60) but not with other
> > programs. Any idea how to do it with BIND or Knot
> 
> You should get this effect using RRL with slip=1

for more commentary on slip=1, see:

http://www.circleid.com/posts/20130913_on_the_time_value_of_security_features_in_dns/

-- 
Paul
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20151019/4d25a09c/attachment.sig>


More information about the dns-operations mailing list