On Thursday, July 4, 2024 6:03:44 PM PDT Tim Wicinski wrote:
> Geoff,
>
> On Thu, Jul 4, 2024 at 8:58 PM Geoff Huston <[email protected]> wrote:
> > I think you appear to be getting "requestor" and "responder" confused in
> > your proposed text. Did you mean to say the following?
>
> Arrgh - Guilty and thank you for that.
>
> > UDP responders should compose response response packets with a maximum UDP
> > payload size that fits in the minimum
> > of the offered requestor's maximum UDP payload size, [RFC6891], the
> > interface MTU, the network MTU value configured by the knowledge of the
> > network operators,
> > and the RECOMMENDED maximum DNS/UDP payload size 1400.
>
> You say "response response" in your text, but yes yes that was where I was
> going with it.
>
> Paul, does this give the future proofing you were thinking of?
No, although it is strikingly similar to earlier text that was rejected. We
should not minimize to 1400 if one of the other ingredients is larger. Also
does not mention discovered path MTU if any. If we assume that both RFC 6891
and RFC 8899 will be superseded at some point, we can still reference them
since future readers should be able to figure out that what we mean is "EDNS
bufsize or evolutionary replacement" and "PLPMTUD or evolutionary
replacement". In pseudo-code this would appear as roughly:

    MIN( interface_mtu,
         policy_mtu,
         edns_bufsize,
         ELSE(discovered_pmtu, default_pmtu))

That is, first see if there is a discovered mtu (such as by PLPMTUD or some
future method), and if not, assume that the path mtu is no more than 1400.
Second, use the smaller of your own interface mtu, the policy mtu if any, the
offered buffer size if any, or the result of step 1 (discovered pmtu if known,
or else default mtu which is at the time of this writing known to be 1400).

It probably can't be better than that. If it could be, then I'd prefer to go
back about a year in the edit history, so that we can distinguish between MTU
and buffer size. A DNS responder can only affect buffer size, which includes
the DNS header but not other headers. The responder's network stack will add
headers for UDP and IP/IP6. In that world, we'd say that the default MTU was
1500 not 1400, but that the DNS responder should always leave room for 100
octets of transport and network headers. The equation for this would be:

    let default_mtu = 1500
    let header_estimate = 100
    let pmtu = ELSE(discovered_pmtu, default_pmtu)
    let mtu = MIN(interface_mtu, policy_mtu, pmtu)
    let bufsize = MIN(mtu, edns_bufsize) - header_estimate

This was a very hard sell back in -03 of this draft, so I stopped pushing.
> thanks
> tim
I agree: thanks, Tim!
--
P Vixie
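
The two pseudo-code forms in the message above, written out as an added Python example; it is not part of the original message or of the draft under discussion. The function names, the use of `None` for an input that is absent ("if any"), and the sample inputs are assumptions made for illustration.

```python
from typing import Optional

DEFAULT_PMTU = 1400     # first form: assumed path MTU when none was discovered
DEFAULT_MTU = 1500      # second form: default_mtu
HEADER_ESTIMATE = 100   # second form: room left for UDP and IP/IP6 headers


def _min_present(*values: Optional[int]) -> int:
    """MIN over the inputs that exist; None marks an absent input (assumption)."""
    return min(v for v in values if v is not None)


def limit_first_form(interface_mtu: int, policy_mtu: Optional[int] = None,
                     edns_bufsize: Optional[int] = None,
                     discovered_pmtu: Optional[int] = None) -> int:
    """MIN(interface_mtu, policy_mtu, edns_bufsize, ELSE(discovered_pmtu, default_pmtu))."""
    pmtu = discovered_pmtu if discovered_pmtu is not None else DEFAULT_PMTU
    return _min_present(interface_mtu, policy_mtu, edns_bufsize, pmtu)


def limit_second_form(interface_mtu: int, policy_mtu: Optional[int] = None,
                      edns_bufsize: Optional[int] = None,
                      discovered_pmtu: Optional[int] = None) -> int:
    """bufsize = MIN(MIN(interface_mtu, policy_mtu, pmtu), edns_bufsize) - header_estimate."""
    pmtu = discovered_pmtu if discovered_pmtu is not None else DEFAULT_MTU
    mtu = _min_present(interface_mtu, policy_mtu, pmtu)
    return _min_present(mtu, edns_bufsize) - HEADER_ESTIMATE


# Constructed inputs (not measurements): one responder, four situations.
SCENARIOS = {
    "large EDNS offer, nothing discovered": dict(interface_mtu=1500, edns_bufsize=4096),
    "EDNS offer of 1232": dict(interface_mtu=1500, edns_bufsize=1232),
    "PLPMTUD found 1280": dict(interface_mtu=1500, edns_bufsize=4096,
                               discovered_pmtu=1280),
    "operator policy 1350": dict(interface_mtu=1500, policy_mtu=1350,
                                 edns_bufsize=4096),
}


def compare() -> dict:
    """Return {scenario: (first_form, second_form)} for the constructed inputs."""
    return {name: (limit_first_form(**kw), limit_second_form(**kw))
            for name, kw in SCENARIOS.items()}


if __name__ == "__main__":
    for name, (first, second) in compare().items():
        print(f"{name:40s} first={first:5d} second={second:5d}")
```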