[dns-operations] How .org name server handle large DNS response?
paul at redbarn.org
Thu Jan 3 16:41:59 UTC 2019
Florian Weimer wrote:
> I think nowadays, it should be possible to clamp the sending buffer size
> to something like 1200 bytes (to leave some room for tunnels) and
> configure the system so that it will never generate atomic fragments, ...
i think that's the wrong approach. rather, we should alter the servers
so that all udp responses and perhaps all tcp segments are fragmented.
let those who think they have deployed ipv6 but who don't permit
fragmentation be the ones to do additional work -- not those whose
implementations are compliant and interoperable.

middleboxes must receive truly bad service and miserable treatment, or
we will be their slaves forever. the 19 years of EDNS deployment should
have taught us that lesson irrevocably and unambiguously.

we didn't move fast and we're not the ones breaking things.