* Tony Finch: > Florian Weimer <f...@deneb.enyo.de> wrote: >> >> I think you still can't serve UDP over IPv6 without per-client sate, >> keeping both full RFC conformance and interoperability with the >> existing client population. Pre-fragmentation to 1280 or so bytes >> isn't enough, you also have to generate atomic fragments. > > Or don't fragment and restrict the EDNS buffer size to 1280.
Unfortunately, that's still not compliant. Those responses can trigger ICMP Packet Too Big messages, and then you're supposed to generate atomic fragments (that is, send a single-packet unfragmented response with a Fragmentation header). It's one of those things in the IPv6 specification which should go, but 6man *loves* them, unfortunately. (By the way, if you've got a system which generates atomic fragments, you should set a lower EDNS buffer size than 1280.) _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs