On Wed, Sep 22, 2010 at 4:34 PM, Hector Santos <[email protected]> wrote:
> Murray S. Kucherawy wrote:
>
>> This shortens specific records, but doesn't shorten the overall answer.
>> If multiple TXT records are found, they are all packed into the same single
>> DNS reply. This actually consumes more space than a single large TXT record
>> does.
>> If TCP upgrade of the DNS query is not possible, truncation can occur and
>> some of the replies can get dropped, so you could only get a (basically
>> random) subset of your ASL, leading to false negatives.
>
> Murray,
>
> Any modern DNS client that is not properly doing a UDP first, then
> follow up with a TCP stream request for a truncation response, is not
> worth talking about and any site using this sort of inadequate DNS
> client software in this modern age will already have all sorts of
> other problems especially if it wants to support SPF or any other
> existing TXT based queries with large values.
>
> IMTO, a proper DNS client is a natural operational requirement. In
> addition, any operator utilizing the protocol with a large data set
> will be informed packing the TXT record would be the recommendation to
> help minimize traffic. Our DNS record manager will assist with this.
>
> IMTO, what is a "waste" is the slack space with DNS queries with no
> data or information in it
>
> So I personally do not think this will be an issue.
I've seen it, with SPF records. A client may support TCP, but if the
firewall is set to not allow TCP packets for DNS, then you will have
the same issue. So this issue exists. I'm getting support questions
related to this about once a quarter, up from once a year.

--
Jeff Macdonald
Ayer, MA
_______________________________________________
dkim-ops mailing list
[email protected]
http://mipassoc.org/mailman/listinfo/dkim-ops
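The size argument in the quoted text, worked through as an added example (not part of the original thread): it estimates the RFC 1035 wire size of a TXT answer when a list is published as one record per entry versus one packed record, and checks each against the 512-byte UDP limit that forces truncation and a TCP retry. The owner name, the entries and the space-separated packing are constructed assumptions; it also assumes compressed owner names in the answers, no EDNS0, and empty authority and additional sections.

```python
# Added example: wire-size estimate for a DNS TXT answer (RFC 1035 layout).
# NAME and ENTRIES are constructed sample data, not taken from the thread.

UDP_LIMIT = 512               # classic DNS-over-UDP payload limit without EDNS0
HEADER = 12                   # fixed DNS header
RR_FIXED = 2 + 2 + 2 + 4 + 2  # name pointer, TYPE, CLASS, TTL, RDLENGTH

NAME = "_asl.example.com"     # constructed owner name
ENTRIES = [b"signer%02d.example.net" % i for i in range(20)]  # constructed list


def qname_len(name):
    """Length of an uncompressed domain name in the question section."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return sum(1 + len(l) for l in labels) + 1  # length byte per label + root


def txt_rdata_len(data):
    """TXT RDATA: character-strings of 1 length byte + up to 255 bytes each."""
    chunks = [data[i:i + 255] for i in range(0, len(data), 255)] or [b""]
    return sum(1 + len(c) for c in chunks)


def response_size(name, records):
    """Bytes in a reply carrying one TXT RR per item in `records`."""
    question = qname_len(name) + 4  # QNAME + QTYPE + QCLASS
    answers = sum(RR_FIXED + txt_rdata_len(r) for r in records)
    return HEADER + question + answers


def report(name, records):
    """Size of the reply and whether it exceeds the plain UDP limit."""
    size = response_size(name, records)
    return {"bytes": size, "truncated_over_udp": size > UDP_LIMIT}


if __name__ == "__main__":
    # One TXT RR per entry: every record pays the fixed RR overhead again.
    print("split :", report(NAME, ENTRIES))
    # One TXT RR holding all entries (space-separated packing is an assumption).
    print("packed:", report(NAME, [b" ".join(ENTRIES)]))
```

With this constructed data the split form needs a TCP retry while the packed form fits in a single UDP reply, so only the split form fails when TCP port 53 is blocked at a firewall.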
