On 22/08/2013, at 12:36 AM, Jon Lewis <[email protected]> wrote:

> On Wed, 21 Aug 2013, Dobbins, Roland wrote:
> 
>> 
>> <http://www.circleid.com/posts/20130820_a_question_of_dns_protocols/>
> 
> I didn't even get far enough to get to the parts Vixie seems to object to. It 
> was too painful to read.  It's in desperate need of proof-reading and copy 
> editing.  Was this translated (poorly) from some other language to English?
> 

My apologies - English is spoken and written in so many styles and I know that 
my written style can be considered as turgid, particularly when I was not 
intending to write for a highly expert specialist technical audience such as 
are on this mailing list.

So here is what I would say to this audience:

- How many resolvers and their clients will resolve a DNS name to an address if 
they are forced to use TCP?

- Our experiment used a modified DNS server that truncated all UDP at 512 
bytes, and over 10 days we enlisted some 2 million end clients to perform a set 
of tests by using online ads. The ad used a very wide geographic and network 
variety, so there are good grounds to see this set as a reasonable 
representative sample of the internet's end user population.

- The authoritative nameserver saw 80,000 visible resolvers. 17% of them 
(13,400) did not switch to TCP and re-query upon receipt of truncated TCP. 0.4% 
of them appear to have some inbound TCP-blocking firewall/filter. The rest 
simply did not respond in TCP.

- These 13,400 resolvers were used by 6% of the end clients.

- 2/3 of these affected end clients switched to use an alternative resolver 
that was able to pose the query using UDP.

- The rest (2%, or 50,000 end clients) were unable to complete the DNS query at 
all.

- We retested, using a slightly different DNS nameserver configuration with a 
smaller UDP truncation threshold, over a further 700,000 end clients and saw a 
similar outcome.

regards,

 Geoff

_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
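
An added example, not part of the original message: one way to derive a per-resolver figure of the kind reported above from an authoritative server's query log, by checking whether each resolver followed a truncated UDP answer with a TCP re-query for the same name. The log format, addresses, query names and the 5-second retry window are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample log from an authoritative server that truncates every
# UDP answer (TC=1). Assumed format: epoch_seconds resolver_ip transport qname
SAMPLE_LOG = """\
1000.00 192.0.2.10 udp u1.test.example.
1000.05 192.0.2.10 tcp u1.test.example.
1001.00 198.51.100.7 udp u2.test.example.
1001.80 198.51.100.7 udp u2.test.example.
1003.00 198.51.100.7 udp u2.test.example.
1004.00 203.0.113.5 udp u3.test.example.
1004.10 203.0.113.5 tcp u3.test.example.
1005.00 203.0.113.5 udp u4.test.example.
1009.00 192.0.2.10 tcp u5.test.example.
"""

RETRY_WINDOW = 5.0  # assumed max seconds between the UDP query and its TCP retry


def classify_resolvers(log_text, window=RETRY_WINDOW):
    """Map each resolver that sent UDP to 'tcp-capable' or 'udp-only'.

    A resolver is 'tcp-capable' if at least one of its UDP queries was
    followed by a TCP query for the same name within `window` seconds.
    Lines are assumed to be in time order; malformed lines are skipped.
    """
    first_udp = defaultdict(dict)  # resolver -> {qname: first UDP timestamp}
    retried = set()                # resolvers seen re-querying over TCP
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        ts, ip = float(fields[0]), fields[1]
        transport, qname = fields[2].lower(), fields[3].lower()
        if transport == "udp":
            first_udp[ip].setdefault(qname, ts)
        elif transport == "tcp":
            seen = first_udp[ip].get(qname)
            # A TCP query with no earlier UDP query is not a truncation retry.
            if seen is not None and 0 <= ts - seen <= window:
                retried.add(ip)
    return {ip: "tcp-capable" if ip in retried else "udp-only"
            for ip, names in first_udp.items() if names}


def udp_only_share(log_text, window=RETRY_WINDOW):
    """Fraction of visible resolvers that never retried over TCP."""
    verdicts = classify_resolvers(log_text, window)
    return sum(v == "udp-only" for v in verdicts.values()) / len(verdicts)
```
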