[dns-operations] COM referral responses from root without glue and TC bit

Wes Hardaker wjhns1 at hardakers.net
Fri Jan 12 22:40:22 UTC 2024


Viktor Dukhovni <ietf-dane at dukhovni.org> writes:

> > Relevant text from RFC 9471 abstract: If message size constraints
> > prevent the inclusion of all glue records for in-domain name servers,
> > the server must set the TC (Truncated) flag to inform the client that
> > the response is incomplete.
> 
> Indeed, and so 6 out of 13 roots need to be updated to set TC=1 as
> required.

Definitely true.  Having said that, different software behaves
differently (as we run multiple different software packages, I see
differences across our deployment even).

Note that although this should be done, the specification mandating this
is from September of last year so the software hasn't likely caught up
yet.  Though there is some argument that RFC1034 said this too, but less
well stated.

I'll further note that this is not a root specific problem.  This is
likely true across the deployed DNS ecosystem, but the root does serve
as a good test case.

-- 
Wes Hardaker
USC/ISI


More information about the dns-operations mailing list