[dns-operations] dropping fragmented requests

David Dowdle ddowdle at leopard.net
Wed Apr 13 20:05:57 UTC 2016

ATM frame size is 53 octets, which is used by DSL as the transport, so 
theoretically, 80+% of your traffic could be that size.  Seems in Real 
World(tm) packets usually get reassembled, but..

On Fri, 8 Apr 2016, Meleshuk, Vadim wrote:

> Is there any real legitimate scenario requiring IP fragmentation support for requests? Sure, MTU could theoretically be as low as 68 and queries could be longer than that, but does that happen out there?
> We received some reflection attack traffic that was fragmented and I was wondering whether it is safe to just drop it altogether.
-------------- next part --------------
dns-operations mailing list
dns-operations at lists.dns-oarc.net
dns-jobs mailing list

More information about the dns-operations mailing list