[dns-operations] [Ext] Verisign TLDs, some other servers may trim critical glue from very large referrals
paul at redbarn.org
Fri Jan 4 16:53:29 UTC 2019
Viktor Dukhovni wrote:
> Separately, I agree that an EDNS buffer size of 512 seems unwise.
> Though 1280 might be a tad too big, because the IPv6 MTU, not the
> maximum payload size of a UDP datagram. One needs to subtract the
> IP and IP header sizes. My ad hoc estimate is 1280 - 64 = 1216.
1280 is the result of such subtraction, of many possible things, starting
with an assumed end-system MTU of 1500. you don't have to subtract even
however, 1280 symbolizes a one-sided negotiation with middle-box
vendors, and is in my view most unwise. when something doesn't work,
it's not always up to the server operator to find a workaround. if we
don't want to wait 19 more years for IPv6 to be deployed (referring to
the EDNS struggle) then we have to force the people who broke stuff like
fragmentation to be the ones to fix what they broke -- not us.