large organization nameservers sending icmp packets to dns servers.

• Previous message (by thread): large organization nameservers sending icmp packets to dns servers.
• Next message (by thread): large organization nameservers sending icmp packets to dns servers.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Valdis.Kletnieks at vt.edu writes:

> > ... advising folks to monitor their authority servers to find out how
> > many truncated responses are going out and how many TCP sessions result
> > from these truncations and how many of these TCP sessions are killed by
> > the RFC1035 4.2.2 connection management logic, and if the numbers seem
> > high, then they ought to change their applications and DNS content so
> > that truncations no longer result.
> 
> How does the (eventual) deployment of DNSSEC change these numbers?

DNSSEC cannot be signalled except in EDNS.

> And who's likely to feel *that* pain first?

the DNSSEC design seems to distribute pain very fairly.
-- 
Paul Vixie

• Previous message (by thread): large organization nameservers sending icmp packets to dns servers.
• Next message (by thread): large organization nameservers sending icmp packets to dns servers.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]