[dns-operations] DNS error reporting

Shane Kerr shane at time-travellers.org
Mon Feb 15 21:53:33 UTC 2016


At 2016-02-15 10:39:33 +0100
Petr Spacek <pspacek at redhat.com> wrote:

> >> Can we invent something where the error response is smaller than, or at
> >> least not much bigger than, the original request?  It would be as well not
> >> to provide another DDoS amplifier.  
> > 
> > Since the question is copied back in the answer to a DNS query, this is
> > tricky. :)
> > 


> Maybe we can send the error back only when client is connected over TCP or is
> using DNS cookies.

This seems reasonable to me, but will it be interpreted as reasonable
by resolver operators and client developers?



More information about the dns-operations mailing list