[dns-operations] 答复: How .org name server handle large DNS response?

Davey Song(宋林健) ljsong at biigroup.cn
Fri Dec 21 08:55:25 UTC 2018


In the measurement of ATR, APNIC’s experiment eliminated the possible sampling bias by counting users (20.8% failure rate) other than counting resolvers (50% failure rate)

http://www.potaroo.net/presentations/2018-05-16-atr.pdf

 

There are possible ways to hide IPv6 large response issue from end users: 1) re-query to different NS server (still around 80% chance);2) Finally fallback to TCP after failed re-queries; 3) IPv4 DNS …. 

 DNS is suffered and become a little slow ,but not broken. 

 

Davey


The resolvers that are doing DNSSEC validation and thus request the
DNSKEY RRset, are likely predominantly not behind broken home CPE
routers and the like, and/or fail over to IPv4.  So the actual
impact may be low.

 

Yeah, that is what I was trying to say with sampling bias -- the people who run validating recursives may be "more able" than those who don't to get the packets?

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20181221/b35a0307/attachment.html>


More information about the dns-operations mailing list