On 07/28/2014 07:55 AM, Jerry Lundström wrote:
Hi,
On fre, 2014-07-25 at 19:07 +0200, 神明達哉 wrote:
I have just one very minor comment at this moment. While the draft
says in Section 1.2 as follows:
A key and signing policy can be expressed in any format. This
document uses XML as
Folks,
(Apologies if this has been debated to death already).
At the last IEPG meeting we presented some results regarding the
filtering of packets that employ IPv6 extension headers (please see:
http://www.iepg.org/2014-07-20-ietf90/iepg-ietf90-ipv6-ehs-in-the-real-world-v2.0.pdf).
The packet
On Mon, Jul 28, 2014 at 08:24:59AM -0400,
Fernando Gont ferna...@gont.com.ar wrote
a message of 43 lines which said:
The packet drop rates range from 10% to over 50%, depending on the
dataset
Annoying.
This essentially raises the question of What's the plan for
transporting DNS
On Jul 28, 2014, at 8:42 AM, Stephane Bortzmeyer bortzme...@nic.fr wrote:
Quite a few folks usually argue oh, that's simple: we'll use TCP,
There are many good reasons to use TCP but, in that case, I do not see
why we need it. First, IPv6 users typically don't use extension
headers and,
Hi, Stephane,
Thanks so much for your prompt response. Comments in-line...
On 07/28/2014 08:42 AM, Stephane Bortzmeyer wrote:
This essentially raises the question of What's the plan for
transporting DNS queries/responses in IPv6?
Why do we need a plan? We serve DNS over IPv6 for now ten
On 07/28/2014 08:48 AM, Nicholas Weaver wrote:
There are many good reasons to use TCP but, in that case, I do not
see why we need it. First, IPv6 users typically don't use
extension headers and, second, if the problem is in IP, why would
changing from UDP to TCP work?
Because the big
Hi,
On Jul 28, 2014, at 5:48 AM, Nicholas Weaver nwea...@icsi.berkeley.edu wrote:
The IPv6 net has decreed “No, really, FRAGMENTS DO NOT WORK”.
This could be a bit of an issue when the DNSSEC root key is rolled. Could
someone point me to a writeup and/or data as to how we know the above
David Conrad d...@virtualized.org wrote:
On Jul 28, 2014, at 5:48 AM, Nicholas Weaver nwea...@icsi.berkeley.edu
wrote:
The solution is to detect and fallback on EDNS0 MTU to retry at 1400B
first (rather than directly down to 512b), and properly handle
truncation.
How many shipping
On Mon, Jul 28, 2014 at 08:52:06AM -0400,
Fernando Gont ferna...@gont.com.ar wrote
a message of 60 lines which said:
Just curious: How do you check that the UDP-based DNS replies
actually get to the node that sent the query?
1) Because, otherwise, we would see retransmissions by the client.
At Mon, 28 Jul 2014 10:17:51 +0200,
Matthijs Mekking matth...@nlnetlabs.nl wrote:
I have just one very minor comment at this moment. While the draft
says in Section 1.2 as follows:
A key and signing policy can be expressed in any format. This
document uses XML as example.
On Mon, Jul 28, 2014 at 10:05 AM, David Conrad d...@virtualized.org wrote:
Hi,
On Jul 28, 2014, at 5:48 AM, Nicholas Weaver nwea...@icsi.berkeley.edu
wrote:
The IPv6 net has decreed “No, really, FRAGMENTS DO NOT WORK”.
This could be a bit of an issue when the DNSSEC root key is rolled.
Oops. Mailer problems and obviously misdirected... (intended to be sent to
someone with whom I worked on the name collision stuff :))
Sincere apologies.
Regards,
-drc
On Jul 28, 2014, at 3:34 PM, Casey Deccio ca...@deccio.net wrote:
I have to admit I have struggled to not respond to Casey
Tony Finch wrote:
BIND 9.10 changes the first state to do variable-size probing: it
will try 512, 1232, 1432, and 4096, starting at the bottom and
working up and down depending on what works. The middle numbers come
from the minimum IPv6 MTU minus space for headers, and the ethernet
MTU
13 matches
Mail list logo
