On 16 June 2013 23:15, Mark Andrews <[email protected]> wrote: > > In message <[email protected]>, joel jaeggli writes: >> I'm interested in the intersection between the requested payload size >> and the use of the v6 fragmentation header, 6891 I think is missing some >> advice to implementers that might reasonably prevent fragmented replies >> from being dropped and limit the degree of amplification that can be >> achieved with large RRsets. > > Fragments get dropped because of badly configured/designed firewalls > and PMTUD. Setting IPV6_USE_MIN_MTU to 1 helps with the latter > though it may result in a addition fragment being sent.
Unfortunately the former are far too prevalent. It's undoubtedly too late, but unfortunately it might have been better to do the fragmentation within the UDP payload (i.e. inside DNS) somehow (c.f. http://tools.ietf.org/html/rfc5405#section-3.2). _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
