[dns-operations] dropping fragmented requests

Meleshuk, Vadim meleshuk at amazon.com
Fri Apr 8 20:50:40 UTC 2016

Is there any real legitimate scenario requiring IP fragmentation support for requests? Sure, MTU could theoretically be as low as 68 and queries could be longer than that, but does that happen out there?

We received some reflection attack traffic that was fragmented and I was wondering whether it is safe to just drop it altogether.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160408/c0223f35/attachment.html>

More information about the dns-operations mailing list