Re: [dns-operations] dns-operations Digest, Vol 92, Issue 13

Tue, 10 Sep 2013 10:21:32 -0700 

> And I know the IP specification defines the minimal MTU size to 576.
> So, we may need a very short RFC for updating the definition of MTU,
                                                                     ^
                                                                    to 1280

-- Orange

> in RFC 791.

From: Yasuhiro Orange Morishita / 森下泰宏 <[email protected]>
Date: Wed, 11 Sep 2013 02:02:34 +0900 (JST)

> Paul-san,
> 
> > for unsigned responses, i think a v6 max-udp-size of 1220 and a v4
> > max-udp-size of 512 is what's called for.
> 
> I believe typical datalinks of MTU=576 are (were) X.25 and SLIP
> (Of course, it's not RRL's one).  And I believe both links are deprecated.
> 
> And I know the IP specification defines the minimal MTU size to 576.
> So, we may need a very short RFC for updating the definition of MTU,
> in RFC 791.
> 
> -- Orange
> 
> From: Paul Vixie <[email protected]>
> Date: Mon, 09 Sep 2013 07:31:42 -0700
> 
> > ...
> > 
> > Yasuhiro Orange Morishita / 森下泰宏 wrote:
> > > Paul-san, and folks,
> > >
> > > Now we (including me) have known the dangers and limitations,
> > > so should we set max-udp-size to 1220 on every authoritative servers?
> > 
> > for unsigned responses, i think a v6 max-udp-size of 1220 and a v4 
> > max-udp-size of 512 is what's called for. i've not seen an explanation of 
> > how dnssec-covered data can be poisoned, even with fragment attacks. 
> > orange, can you write RFC 6891-bis?
> > 
> > the messaging that would go out with this is, everybody needs to sign their 
> > dns data, and everybody needs to validate, and if you're planning to send 
> > large responses then your authority servers must be v6 reachable, and your 
> > v4 performance will be low due to tcp.
> > 
> > vixie
> > 
> _______________________________________________
> dns-operations mailing list
> [email protected]
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
> 
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

Reply via email to