Re: [dns-operations] DNSviz and G-root: EDNS issue?
> On Oct 13, 2021, at 1:07 AM, Stephane Bortzmeyer wrote: > > On Tue, Oct 12, 2021 at 01:01:08PM -0400, > Matthew Pounsett wrote > a message of 11 lines which said: > >>> This might be a known intermittent IPv6 routing issue with DNSviz, do >>> you see this problem for v4 and/or v6 ? >> >> That would show up as a non-answer over IPv6, rather than an apparent >> PMTU/EDNS problem. > > DNSviz (and similar tools) may wrongly diagnose a PMTU problem if > there are random losses. That's true. > 1) Try with bufsize=4096. No answer, because of a random packet loss. > 2) Retry with bufsize=1024. Answer received, therefore it must be a > PMTU problem. Actually, it give it several tries before reducing PMTU. Here is the full order of diagnostic queries when a timeout occurs: # 1 - no change # 2 - change timeout to 2 seconds # 3 - no change # 4 - reduce udp max payload to 512; change timeout to 1 second # 5 - change timeout to 2 seconds # 6 - remove EDNS option (if any); change timeout to 1 second # 7 - remove EDNS option (if any) # 8 - remove EDNS option (if any) # 9 - remove EDNS option (if any) # 10 - clear DO flag; # 11 - disable EDNS # 12 - return (give up) (See https://github.com/dnsviz/dnsviz/blob/master/dnsviz/query.py#L1766) Casey ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] DNSviz and G-root: EDNS issue?
On Tue, Oct 12, 2021 at 01:01:08PM -0400, Matthew Pounsett wrote a message of 11 lines which said: > > This might be a known intermittent IPv6 routing issue with DNSviz, do > > you see this problem for v4 and/or v6 ? > > That would show up as a non-answer over IPv6, rather than an apparent > PMTU/EDNS problem. DNSviz (and similar tools) may wrongly diagnose a PMTU problem if there are random losses. 1) Try with bufsize=4096. No answer, because of a random packet loss. 2) Retry with bufsize=1024. Answer received, therefore it must be a PMTU problem. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] DNSviz and G-root: EDNS issue?
On Tue, 12 Oct 2021 at 11:24, Keith Mitchell wrote: > > This might be a known intermittent IPv6 routing issue with DNSviz, do > you see this problem for v4 and/or v6 ? That would show up as a non-answer over IPv6, rather than an apparent PMTU/EDNS problem. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] DNSviz and G-root: EDNS issue?
On Tue, Oct 12, 2021 at 11:21:44AM -0400, Keith Mitchell wrote a message of 22 lines which said: > > (192.112.36.4, UDP_-_EDNS0_4096_D_KN)". > > > > Testing G-root/192.112.36.4 > This might be a known intermittent IPv6 routing issue with DNSviz, do you > see this problem for v4 and/or v6 ? v4 ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] DNSviz and G-root: EDNS issue?
On 10/12/21 11:14 AM, Stephane Bortzmeyer wrote: DNSviz currently always flags the root with a warning "./DNSKEY (alg 8, id 14748): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (192.112.36.4, UDP_-_EDNS0_4096_D_KN)". Testing G-root/192.112.36.4 with the RIPE Atlas probes, bit DO and bufsize=4096 shows no evidence of a problem (and the answer is well below 4096 bytes). It seems it affects only the path between G-root and DNSviz. Any idea? This might be a known intermittent IPv6 routing issue with DNSviz, do you see this problem for v4 and/or v6 ? Keith ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
[dns-operations] DNSviz and G-root: EDNS issue?
DNSviz currently always flags the root with a warning "./DNSKEY (alg 8, id 14748): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (192.112.36.4, UDP_-_EDNS0_4096_D_KN)". Testing G-root/192.112.36.4 with the RIPE Atlas probes, bit DO and bufsize=4096 shows no evidence of a problem (and the answer is well below 4096 bytes). It seems it affects only the path between G-root and DNSviz. Any idea? ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations