[Yeti DNS Discuss] 答复: Dealing with IPv6 Fragmentation in the DNS
ljsong at biigroup.cn
Thu Aug 24 02:00:53 UTC 2017
1280 mtu helps but is not enough. Response will be fragmented if the size is beyond that, when KSK rolled, or more information in the rrset.
I’m drafting a proposal and prepare a lab test asking authoritative server reply an additional truncated response after normal large response (more than 1232 Octets for example). It aims to save some retries, timeout and fall back to TCP as soon as possible. There are should be a small interval between two responses to avoid reordering.
Do you think it make sense?
发件人: discuss [mailto:discuss-bounces at lists.yeti-dns.org] 代表 P Vix
发送时间: 2017年8月23日 22:05
收件人: discuss at lists.yeti-dns.org; Stephane Bortzmeyer
主题: Re: [Yeti DNS Discuss] Dealing with IPv6 Fragmentation in the DNS
Fragmentation in v6 was meant to be an improvement on v4, by making it end to end only ... Routers don't fragment. Turns out icmp6 is a huge security hole and is most often blocked.
I had thought that DNS servers were now using mtu 1280 to work around it.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the discuss