large organization nameservers sending icmp packets to dns servers.

Valdis.Kletnieks at Valdis.Kletnieks at
Tue Aug 7 21:10:53 UTC 2007

On Tue, 07 Aug 2007 16:10:17 EDT, "Patrick W. Gilmore" said:

> The point is, if you are the authority, you know how big the packet  
> is.  If you know it ain't over 512, then you don't need TCP.

Right.  But remember the discussion is that *we* (for some value of "we")
are querying some *other* nameserver, and we *don't* know a priori how
big the packet will be, until they send us a packet with the truncate bit
set, and then we get to find out if their config is sane....

> Interesting.  You are suggesting that as a content provider, one  
> should rely on measurements from random caching name servers around  
> the Internet, many of which you admit yourself are configured not to  
> respond to addresses outside their network?  Pardon me for not  
> considering an idea you admit yourself wouldn't work.

Oddly enough, it *does* seem to work fairly well - given the number of
content providers that are running global-scale load balancers that ping
the source of queries to figure out how far they are.

What I'm trying to figure out is how authoritative DNS servers enter into
it in the first place, since the behavior as originally discussed was content
providers who poke (presumably) caching servers.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list