please give this a read, especially if you think a dns-oarc flag day related 
to maximum edns payload size is a responsible idea. the draft revision below 
does not include a reference to

https://tools.ietf.org/html/draft-gont-v6ops-ipv6-ehs-packet-drops-04

because we weren't aware of it, but the next revision definitely will. our 
thesis is, set the DONTFRAG option on udp sockets on both the initiator and 
the responder, and then follow where that leads.

re:

On Tuesday, 28 July 2020 02:30:29 UTC [email protected] wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories. This draft is a work item of the Domain Name System Operations
> WG of the IETF.
> 
>         Title           : Fragmentation Avoidance in DNS
>         Authors         : Kazunori Fujiwara
>                           Paul Vixie
>         Filename        : draft-ietf-dnsop-avoid-fragmentation-01.txt
>         Pages           : 10
>         Date            : 2020-07-27
> 
> Abstract:
>    EDNS0 enables a DNS server to send large responses using UDP and is
>    widely deployed.  Path MTU discovery remains widely undeployed due to
>    security issues, and IP fragmentation has exposed weaknesses in
>    application protocols.  Currently, DNS is known to be the largest
>    user of IP fragmentation.  It is possible to avoid IP fragmentation
>    in DNS by limiting response size where possible, and signaling the
>    need to upgrade from UDP to TCP transport where necessary.  This
>    document proposes to avoid IP fragmentation in DNS.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-avoid-fragmentation/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-dnsop-avoid-fragmentation-01
> https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-avoid-fragmentation-01
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-avoid-fragmentation-01
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> 
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop


-- 
Paul
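
An added example, not part of the original message or of the draft: one way a responder could set the don't-fragment option on its UDP socket and, when the stack refuses an oversized datagram with EMSGSIZE, fall back to a truncated (TC=1) reply so the initiator retries over TCP. The function names and the `qend` parameter are hypothetical, and dropping every record after the question (including any OPT record) is a simplification.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdint.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Open a UDP socket whose datagrams the local stack will not fragment. */
int udp_socket_dontfrag(int family)
{
    int fd = socket(family, SOCK_DGRAM, 0), rc = -1, v = 1;
    if (fd < 0)
        return -1;
    if (family == AF_INET6) {           /* RFC 3542 socket option */
        rc = setsockopt(fd, IPPROTO_IPV6, IPV6_DONTFRAG, &v, sizeof v);
    } else if (family == AF_INET) {
#if defined(IP_MTU_DISCOVER)            /* Linux: always set DF */
        v = IP_PMTUDISC_DO;
        rc = setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER, &v, sizeof v);
#elif defined(IP_DONTFRAG)              /* FreeBSD and similar stacks */
        rc = setsockopt(fd, IPPROTO_IP, IP_DONTFRAG, &v, sizeof v);
#endif
    }
    if (rc != 0) { close(fd); return -1; }
    return fd;
}

/* Cut a response down to header + question with TC=1. qend is the offset
 * at which the question section ends (computed by the caller while parsing
 * the query). Returns the new length, or 0 if the arguments are invalid. */
size_t dns_truncate(uint8_t *msg, size_t len, size_t qend)
{
    if (len < 12 || qend < 12 || qend > len)
        return 0;
    msg[2] |= 0x02;                     /* TC bit in the flags field */
    for (int i = 6; i < 12; i++)        /* ANCOUNT, NSCOUNT, ARCOUNT = 0 */
        msg[i] = 0;
    return qend;
}

/* Responder side: if the datagram exceeds the known path MTU the send fails
 * with EMSGSIZE instead of fragmenting; answer with a truncated reply. */
ssize_t send_or_truncate(int fd, uint8_t *msg, size_t len, size_t qend,
                         const struct sockaddr *to, socklen_t tolen)
{
    ssize_t n = sendto(fd, msg, len, 0, to, tolen);
    if (n >= 0 || errno != EMSGSIZE)
        return n;
    len = dns_truncate(msg, len, qend);
    return len ? sendto(fd, msg, len, 0, to, tolen) : -1;
}
```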

