On Jan 28, 2010, at 8:59 AM, Matt Larson wrote: > On Thu, 28 Jan 2010, Mark Andrews wrote: >> The DNSKEY RRset size seems small for testing. We really should >> be looking the biggest key set sizes that occur during rollover >> simultaneous ZSK/KSK rollovers. Hopefully that is in the planning. > > The design allows for ZSK rollovers at calendar quarter boundaries and > KSK rollovers in the middle of a quarter, which are intentionally > non-overlapping so that the are never more than three keys in the root > DNSKEY RRset. (Please see the diagram on page five of > http://www.root-dnssec.org/wp-content/uploads/2009/12/draft-icann-dnssec-arch-v1dot2dot1.pdf, > which Tony already referred to.) >
Stupid question on Figure 2: What is the approximate size of responses during these different periods? In particular, do any particular "magic limits" in the network (namely the 1500B ethernet MTU, the 1492 PPPoE MTU, the "likely to be in path MTU hole" of 1480-1500B MTU, or the somewhat common 1280 EDNS MTU) get hit? _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
