Likewise, how hard would it be to do DNS-over-SSL for zone transfers (which usually end up going over TCP anyway due to zones generally not fitting inside a single UDP packet)?

Actually, it's not a "single UDP packet" but a DNS-specified 512-byte packet. UDP can, of course, handle payloads up near 65507 long.

Unless some network in between has a maximum packet size set. I remember being taught to assume 8K is the max that will get through using UDP.

There should be no need for that network to be doing that.
More than 1500 bytes (Ethernet MTU, though this doubles (IIRC) for Gigabit) and it's going to be IP fragmented, and so only the first fragment is going to have the UDP header in where the UDP length field is for it to be bothered to check.



--
Michael O'Keefe                      |          [EMAIL PROTECTED]
Live on and Ride a 03 BMW F650GSDakar|          [EMAIL PROTECTED]      / |
I like less more or less less than   |Work:+1 858 845 3514        /  |
more. UNIX-live it,love it,fork() it |Fax :+1 858 845 2652       /_p_|
My views are MINE ALONE, blah, blah, |Home:+1 760 788 1296       \`O'|
blah, yackety yack - don't come back |Fax :+1 858                _/_\|_,


--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
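
The fragmentation point made in the message above, as an added example that is not part of the original thread: it builds a UDP datagram, splits it the way IPv4 does for a 1500-byte MTU, and reports which fragments actually contain the UDP header and its length field. The port numbers, the option-free 20-byte IPv4 header and the zero-filled payloads are assumptions chosen for the illustration.

```python
import struct

IP_HDR = 20   # assumed: IPv4 header with no options
UDP_HDR = 8

def udp_datagram(src_port, dst_port, payload):
    """UDP header + payload; checksum left at 0 (permitted over IPv4)."""
    length = UDP_HDR + len(payload)
    return struct.pack("!HHHH", src_port, dst_port, length, 0) + payload

def fragment(ip_payload, mtu=1500):
    """Split an IPv4 payload for `mtu`.

    Returns (offset_bytes, more_fragments, data) tuples. Every fragment
    except the last carries a multiple of 8 bytes, because the IPv4
    fragment-offset field counts 8-byte units.
    """
    per_frag = (mtu - IP_HDR) // 8 * 8
    frags = []
    for off in range(0, len(ip_payload), per_frag):
        chunk = ip_payload[off:off + per_frag]
        frags.append((off, off + per_frag < len(ip_payload), chunk))
    return frags

def describe(payload_len, mtu=1500):
    """Per-fragment facts for a UDP payload of payload_len bytes."""
    dgram = udp_datagram(53, 40000, bytes(payload_len))  # constructed sample
    out = []
    for off, mf, data in fragment(dgram, mtu):
        has_udp_header = off == 0  # the UDP header sits at the very start
        udp_len = struct.unpack("!H", data[4:6])[0] if has_udp_header else None
        out.append({"offset": off, "mf": mf, "ip_len": IP_HDR + len(data),
                    "udp_header": has_udp_header, "udp_length": udp_len})
    return out

if __name__ == "__main__":
    # 512 = classic DNS limit, 1472 = largest unfragmented payload at MTU 1500,
    # 8192 = the "8K" rule of thumb, 65507 = UDP maximum over IPv4
    for size in (512, 1472, 1473, 8192, 65507):
        frags = describe(size)
        with_hdr = sum(f["udp_header"] for f in frags)
        print(f"{size:>5} bytes: {len(frags):>2} fragment(s), "
              f"{with_hdr} with a UDP header, UDP length {frags[0]['udp_length']}")
```

A device that looks only at individual packets can read the UDP length from the fragment at offset 0; checking it against the later fragments requires reassembly.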