The point in my "anecdote" and the quote from the test was to say that you do NOT need to set the value if you're getting something within 300 bytes of the advertised value. You are as I was so do not need to set it.
It may be the person that suggested setting it was under the misapprehension that the two values would be the same but the quote from the Java testing tool made it clear that is NOT the case. -----Original Message----- From: bind-users-bounces+jlightner=water....@lists.isc.org [mailto:bind-users-bounces+jlightner=water....@lists.isc.org] On Behalf Of Mark Andrews Sent: Tuesday, May 04, 2010 12:01 AM To: Laws, Peter C. Cc: bind-us...@isc.org Subject: Re: Preparing for upcoming DNSSEC changes on 5/5 In message <789398ea51916246a8016370ebc0231f0f3...@it-rome.sooner.net.ou.edu>, "Laws, Peter C." writes: > Yes, I get all that. But earlier in the thread, I noted that: > > "Mine are all saying "x.x.x.x sent EDNS buffer size 4096" when I run the > dns-oarc.net test, which I assume is the default. I, too, get the 3843 "at > least" value. > > "Why would I set it to 3843? Wouldn't I want it to be set to 4096 even if > *some* device between here and dns-oarc.net only allows that smaller value?" > > We've already had one anecdote of someone that also got 3843, setting edns-ud > p-size, re-running the test and getting a smaller number. Makes no sense to > me to set it at less than the 4096-byte default unless *I* had faulty network > equipment. You don't need to change anything if it says 3843. The test does *not* produce the exact limit of the path. % dig +short rs.dns-oarc.net txt @::1 ;; Truncated, retrying in TCP mode. rst.x4091.rs.dns-oarc.net. rst.x3837.x4091.rs.dns-oarc.net. rst.x3843.x3837.x4091.rs.dns-oarc.net. "Tested at 2010-05-04 03:48:16 UTC" "211.30.172.21 sent EDNS buffer size 4096" "211.30.172.21 DNS reply size limit is at least 4091" % dig +short rs.dns-oarc.net txt @::1 ;; Truncated, retrying in TCP mode. rst.x3827.rs.dns-oarc.net. rst.x4049.x3827.rs.dns-oarc.net. rst.x4055.x4049.x3827.rs.dns-oarc.net. "2001:470:1f00:820:214:22ff:fed9:fbdc DNS reply size limit is at least 4055" "Tested at 2010-05-04 03:49:43 UTC" "2001:470:1f00:820:214:22ff:fed9:fbdc sent EDNS buffer size 4096" If you do a packet dump you will see lots of different respones to the query all coming in at the sames time. The first one to re-assemble wins. This may not be the biggest. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Proud partner. Susan G. Komen for the Cure. Please consider our environment before printing this e-mail or attachments. ---------------------------------- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. ---------------------------------- _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
