[Yeti DNS Discuss] Dealing with IPv6 Fragmentation in the DNS

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu Aug 24 11:51:48 UTC 2017

On Thu, Aug 24, 2017 at 09:45:45PM +1000,
 Geoff Huston <gih at apnic.net> wrote 
 a message of 34 lines which said:

> This is an approach that is used by a.root-servers.net and
> j.root-servers.net

And the .com name servers (managed by the same organisation).

> Which is fine except for the unfortunate observation that some 17%
> of resolvers appear to have some kind of broken firewall  in front
> of them that prevents them from establishing a TCP session.

Wild guess: resolvers in such broken environments are probably not
validating resolvers and thus will probably never request anything
larger than 1200/1400 bytes.

More information about the discuss mailing list