dnsop WG;

Authors updated draft-ietf-dnsop-avoid-fragmentation.
Please review current version.

> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-avoid-fragmentation/

> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-avoid-fragmentation-07

There is no good static maximum DNS/UDP payload size.

We removed complicated Default Maximum DNS/UDP payload size discussions
and set the value as 1400.

However, when a UDP responder with a path MTU smaller than 1428/1448 octets
sends a query with a maximum UDP payload size 1400 and
the UDP responder generates a response of 1400 octets (with IP_DF),
the response packet drops on the path and
the responder cannot get the response.

In the previous version, the behavior at the timeout depends on
implementations.

We don't want the name resolution failure caused by this BCP document,
so, we added the new text
"To avoid name resolution fails, UDP requestors need to retry using TCP,
or UDP with smaller maximum DNS/UDP payload size."

I would like agreements on the following.

- Default Maximum DNS/UDP payload size:
  choices are 1400, 1232 or others

- Need static configuration parameters at authoritative,
  recursive resolvers, stub resolvers?

Regards,

--
Kazunori Fujiwara, JPRS <[email protected]>

> From: [email protected]
> Subject: [DNSOP] I-D Action: draft-ietf-dnsop-avoid-fragmentation-07.txt
> Date: Sun, 03 Jul 2022 19:30:54 -0700
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Domain Name System Operations WG of the IETF.
>
>         Title           : Fragmentation Avoidance in DNS
>         Authors         : Kazunori Fujiwara
>                           Paul Vixie
>         Filename        : draft-ietf-dnsop-avoid-fragmentation-07.txt
>         Pages           : 11
>         Date            : 2022-07-03
>
> Abstract:
>    EDNS0 enables a DNS server to send large responses using UDP and is
>    widely deployed. Path MTU discovery remains widely undeployed due to
>    security issues, and IP fragmentation has exposed weaknesses in
>    application protocols. Currently, DNS is known to be the largest
>    user of IP fragmentation. It is possible to avoid IP fragmentation
>    in DNS by limiting response size where possible, and signaling the
>    need to upgrade from UDP to TCP transport where necessary. This
>    document proposes to avoid IP fragmentation in DNS.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-avoid-fragmentation/
>
> There is also an htmlized version available at:
> https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-avoid-fragmentation-07
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-avoid-fragmentation-07
>
>
> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
>
>
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop
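The drop and retry behaviour discussed in the message above can be modelled offline; the following is an added example, not code from the draft or its authors. The function names, the 20/40-octet option-free IP headers and the simplified responder and path model are assumptions; the sizes 1400 and 1232 are the two candidates named in the message.

```python
import struct

IP_UDP_OVERHEAD = {4: 20 + 8, 6: 40 + 8}  # assumed: IP header without options + UDP header

def build_query(qname, bufsize, qid=0x1234):
    """Wire-format A query whose EDNS0 OPT RR advertises bufsize octets."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1)  # RD=1, QDCOUNT=1, ARCOUNT=1
    labels = b"".join(bytes([len(p)]) + p.encode() for p in qname.rstrip(".").split("."))
    question = labels + b"\x00" + struct.pack("!HH", 1, 1)    # QTYPE=A, QCLASS=IN
    opt = b"\x00" + struct.pack("!HHIH", 41, bufsize, 0, 0)   # root, TYPE=OPT, CLASS=size
    return header + question + opt

def advertised_size(query):
    """Read the maximum UDP payload size from the trailing 11-octet OPT RR."""
    rtype, bufsize = struct.unpack("!HH", query[-10:-6])
    if rtype != 41:
        raise ValueError("no OPT RR at end of message")
    return bufsize

def udp_exchange(query, answer_len, path_mtu, ip_version):
    """Constructed model: the responder honours the advertised size and sets DF;
    the path silently drops larger packets. Returns 'answer', 'truncated' or None."""
    if answer_len > advertised_size(query):
        return "truncated"   # small TC=1 reply, always fits
    if answer_len + IP_UDP_OVERHEAD[ip_version] > path_mtu:
        return None          # dropped on the path: the requestor only sees a timeout
    return "answer"

def resolve(qname, answer_len, path_mtu, ip_version=4, sizes=(1400, 1232)):
    """Requestor: retry UDP with a smaller payload size on timeout, then use TCP."""
    attempts = []
    for size in sizes:
        result = udp_exchange(build_query(qname, size), answer_len, path_mtu, ip_version)
        attempts.append((f"udp/{size}", result))
        if result == "answer":
            return attempts
        if result == "truncated":
            break            # TC=1 means a smaller UDP size cannot help
    attempts.append(("tcp", "answer"))  # model assumption: TCP is not subject to the drop
    return attempts
```

In this model a 1400-octet answer on a 1400-octet path times out at 1400, is truncated at 1232, and completes over TCP.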
