* Paul Wouters: > On Tue, 21 Jun 2011, Florian Weimer wrote: > >> For IPv6, the DNS server must fragment to about 1200 bytes per packet, >> or cap EDNS0 buffer sizes at about 1150 bytes. I'm not sure how many >> servers get this right. I'm not even sure if there's a suitable kernel >> interface to achieve that. > > Should edns-buffer-size: be split in two options, one for ipv6 and one > for ipv4?
I don't think this is needed. In any case, it's more important to avoid fragmentation over IPv4. 8-/ > With the ipv6 one using a default 1150? I pulled those numbers out of thin air. I checked more carefully, and 1280 bytes for the entire IPv6 packet (including all IPv6 headers) is allowed. EDNS0 buffer sizes which are guaranteed to avoid fragmentation are a bit smaller: 40 bytes for the IPv6 header, and 8 bytes for the UDP header, plus a variable amount of IPv6 extension headers (which should not happen in practice). RFC 3226 requires an advertised buffer size of at least 1220 bytes, which seems to result in packets smaller than the minimum IPv6 MTU, so that's probably the number that should be the default. But maybe we can get authoritative servers to fragment IPv6 responses to 1280 bytes. Then no resolver changes would be needed. -- Florian Weimer <[email protected]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
