[dns-operations] DNS flag day 2020: Recommended EDNS buffer size discussion

Lee ler762 at gmail.com
Mon Sep 2 20:41:55 UTC 2019


On 9/2/19, Paul Vixie <paul at redbarn.org> wrote:
> On Monday, 2 September 2019 17:31:50 UTC Lee wrote:
>> On 9/2/19, Paul Vixie <paul at redbarn.org> wrote:
>> > ...
>> >>
>> >> we should not needlessly invent something that's different from TCP
>> >> MSS.
>> >> just use what works.
>>
>> I think tcp mss working as well as it does is because the mss is
>> negotiated at connection setup time (syn, syn+ack option tcp mss
>> size).
>
> no.

Are we arguing definitions?
Source sends a SYN with the tcp mss option set to 1460, destination
responds with a SYN+ACK with the tcp mss option set to 1280, both
sides use an mss of 1280.  Which sounds like a negotiation to me.

>> Your machine can figure out the mss & middle boxes that know
>> better can reduce the mss value to something they know will work.
>>   eg. 'ip tcp adjust-mss ' in ciscoland
>>
>> https://www.cisco.com/en/US/docs/ios-xml/ios/ipapp/command/ip_tcp_adjust-mss_through_ip_wccp_web-cache_accelerated.html#GUID-68044D35-A53E-42C1-A7AB-9236333DA8C4
>>
>> How do you do that with udp?
>
> TCP MSS is an offer not an acknowledgement,

agreed

> and it proceeds from local
> knowledge of the path MTU like the routing table or the sysctl definitions
> set by a sysadmin. generally speaking path MTU discovery does not work

Right - generally speaking path MTU discovery does not work.  So when
setting up ipsec tunnels between routers I'd also configure ip tcp
adjust-mss to lower the offered mss on traffic going through the
tunnel & have everything work.

I never did figure out how to automatically fix udp traffic.  So I'm
not understanding how your suggestion to use what works for tcp is
applicable to udp.

Regards,
Lee
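
[Added example, not part of Lee's message and not Cisco's implementation: a sketch of what an MSS-clamping middlebox such as the 'ip tcp adjust-mss' feature mentioned above does to a SYN or SYN+ACK in transit, lowering the MSS option and patching the TCP checksum incrementally per RFC 1624. The function names, addresses, ports and the 1280 limit are constructed for illustration.]

```python
import struct
SRC, DST = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])  # constructed documentation addresses

def find_mss(tcp):
    """Return (offset, value) of the MSS option (kind 2) in a TCP header, or None."""
    hdr_len, i = min((tcp[12] >> 4) * 4, len(tcp)), 20
    while i + 1 < hdr_len and tcp[i] != 0:       # kind 0 ends the option list
        if tcp[i] == 1:                          # kind 1 is NOP: one byte, no length
            i += 1
            continue
        length = tcp[i + 1]
        if length < 2 or i + length > hdr_len:   # malformed option, stop parsing
            return None
        if tcp[i] == 2 and length == 4:
            return i + 2, struct.unpack_from("!H", tcp, i + 2)[0]
        i += length
    return None

def clamp_mss(tcp, limit):
    """Lower the MSS on a SYN or SYN+ACK to `limit` and patch the checksum (RFC 1624)."""
    found = find_mss(tcp) if len(tcp) >= 20 and tcp[13] & 0x02 else None
    if found is None or found[1] <= limit:
        return tcp                               # not a SYN, no MSS option, or already small enough
    off = found[0]
    out = bytearray(tcp)
    struct.pack_into("!H", out, off, limit)
    s = ~struct.unpack_from("!H", tcp, 16)[0] & 0xFFFF
    for w in range(off & ~1, (off + 3) & ~1, 2): # every 16-bit word the option value touches
        s += (~struct.unpack_from("!H", tcp, w)[0] & 0xFFFF) + struct.unpack_from("!H", out, w)[0]
    while s >> 16:                               # end-around carry
        s = (s & 0xFFFF) + (s >> 16)
    struct.pack_into("!H", out, 16, ~s & 0xFFFF)
    return bytes(out)

def tcp_checksum(src, dst, tcp):
    """Full checksum over the IPv4 pseudo-header and the segment, for verification."""
    seg = tcp[:16] + b"\x00\x00" + tcp[18:]
    data = src + dst + struct.pack("!BBH", 0, 6, len(seg)) + seg + b"\x00" * (len(seg) % 2)
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def sample_syn(mss, nop_first=False):
    """Constructed SYN carrying one MSS option, optionally misaligned by a leading NOP."""
    opts = (b"\x01" if nop_first else b"") + struct.pack("!BBH", 2, 4, mss)
    opts += b"\x00" * (-len(opts) % 4)
    hdr = struct.pack("!HHIIBBHHH", 40000, 53, 1, 0, (20 + len(opts)) // 4 << 4, 0x02, 65535, 0, 0) + opts
    return hdr[:16] + struct.pack("!H", tcp_checksum(SRC, DST, hdr)) + hdr[18:]
```

[The rewrite is possible because the size limit travels as an option in the TCP header of the SYN; the UDP header carries only ports, length and checksum.]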


