It appears that Florian Obser <florian+i...@narrans.de> said:
>I gave this a once-over.
>
>3. Common Pitfalls
>> If the size of the response is large enough that it does not fit into
>> a single DNS UDP packet (UDP being the most common DNS transport
>> today), this may result in fragmentation
>
>That's not correct. If the response does not fit into a single DNS UDP
>packet, it's not a valid response and can't be sent.
>
>New: If the size of the response is large enough that it does not fit
>into a single IP packet this may result in fragmentation

That's not right either. If it doesn't fit in a UDP packet, the response will be truncated and the client will retry over TCP. If the UDP packet exceeds PMTU, the packet will be fragmented in transit but there's no simple way to know that at the application level. There's a reason EDNS0 let the client suggest a packet size limit, and people have been tuning their use of it since 1999.

The entire discussion of response size seems like a throwback to the 1990s and I would remove it. These days if your DNS doesn't handle TCP, you already have worse problems, like DNSSEC doesn't work.

R's,
John

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
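
Added example, not part of the original message or of any DNS implementation: a Python model of the application-level behaviour the reply describes, where the server compares the response size with the limit the client suggested via EDNS0 (512 bytes without it), sends a TC=1 stub when it does not fit, and the client reads TC as "retry over TCP". All function names are hypothetical and the messages are constructed; it assumes one uncompressed question and does not model in-transit IP fragmentation, which the application cannot observe.

```python
import struct

TC_FLAG = 0x0200         # TC (truncated) bit in the header flags word
OPT_TYPE = 41            # EDNS0 OPT pseudo-RR type
CLASSIC_UDP_LIMIT = 512  # applies when the query carries no OPT record

def build_query(qname, edns_size=None, txid=0x1234):
    """Constructed A query; edns_size adds an OPT RR advertising that size."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 1 if edns_size else 0)
    name = b"".join(bytes([len(p)]) + p.encode() for p in qname.split(".")) + b"\x00"
    msg = header + name + struct.pack("!HH", 1, 1)
    if edns_size:
        # root owner name, TYPE=OPT, CLASS=UDP payload size, TTL=0, RDLENGTH=0
        msg += b"\x00" + struct.pack("!HHIH", OPT_TYPE, edns_size, 0, 0)
    return msg

def question_end(msg):
    """Offset just past a single, uncompressed question (assumption)."""
    pos = 12
    while msg[pos]:
        pos += 1 + msg[pos]
    return pos + 5  # zero label + QTYPE + QCLASS

def advertised_udp_size(query):
    """Size limit the client suggested, or 512 when there is no EDNS0."""
    arcount = struct.unpack("!H", query[10:12])[0]
    pos = question_end(query)
    if arcount and query[pos] == 0:
        rtype, rclass = struct.unpack("!HH", query[pos + 1:pos + 5])
        if rtype == OPT_TYPE:
            return max(rclass, CLASSIC_UDP_LIMIT)  # values below 512 count as 512
    return CLASSIC_UDP_LIMIT

def sample_response(query, filler_len):
    """Constructed response: header, echoed question, filler bytes for size only."""
    txid = struct.unpack("!H", query[:2])[0]
    head = struct.pack("!6H", txid, 0x8180, 1, 1, 0, 0)
    return head + query[12:question_end(query)] + b"\x00" * filler_len

def udp_reply(query, full_response):
    """What goes out over UDP: the response, or a TC=1 stub if it is too big."""
    if len(full_response) <= advertised_udp_size(query):
        return full_response
    txid, flags = struct.unpack("!HH", full_response[:4])
    stub = struct.pack("!6H", txid, flags | TC_FLAG, 1, 0, 0, 0)
    return stub + full_response[12:question_end(full_response)]

def must_retry_over_tcp(reply):
    """Client side: TC set means drop the UDP answer and ask again over TCP."""
    return bool(struct.unpack("!H", reply[2:4])[0] & TC_FLAG)
```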