they will have to be troubled. perhaps we can notify them first. that config is not sustainable.
Get BlueMail for Android On 30 Apr 2020, 23:38, at 23:38, Viktor Dukhovni <[email protected]> wrote: >On Sun, Apr 19, 2020 at 12:39:24AM -0400, Viktor Dukhovni wrote: > >> The DANE survey unbound resolver is presently configured to advertise >an >> EDNS UDP buffer size of 1232 bytes (to avoid UDP fragmentation >problems >> over IPv6). With this buffer size (or indeed any buffer size below >1346 >> bytes) and the DO bit set to solicit DNSSEC signatures, queries for >the >> darpa.mil MX host TLSA records fail: > >FWIW, with ofda.gov even 1410 is not enough, EDNS buffer sizes less >than >1555 (requiring working fragmentation) elicit a TC=1 response, but TCP >is not available. > >Timeout: > >dig +bufsize=1554 +dnssec +norecur @$ip -t tlsa >_25._tcp.dc4vasmtp01.ofda.gov > >Success: > >dig +bufsize=1555 +dnssec +norecur @$ip -t tlsa >_25._tcp.dc4vasmtp01.ofda.gov > >-- > Viktor. >_______________________________________________ >dns-operations mailing list >[email protected] >https://lists.dns-oarc.net/mailman/listinfo/dns-operations
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
