trouble with .gov dns?

Wessels, Duane dwessels at
Fri Aug 12 12:09:28 CDT 2011

On May 3, 2011, at 7:54 AM, William Herrin wrote:

> On Tue, May 3, 2011 at 10:23 AM, David Conrad <drc at> wrote:
>> This probably isn't the right venue for this discussion.
> Hi David,
> I'm going to go with Mark's answer: "nameservers that don't set TC
> [truncated bit] when they can't fit glue are broken RFC 1034." When
> that happens to be both TLD servers for a particular TLD (.gov), I'm
> calling that an operational issue.
> I have a workaround. I'm happy. But the folks running
> *really* ought to have a discussion with their vendor.

I'm pleased to report that the fix for this problem was finally deployed,
as of yesterday.  You should now find TC=1 in responses from the .gov name
servers when the glue won't fit:

    $ dig +dnssec +bufsize=512 a
    ;; Truncated, retrying in TCP mode.

Duane W.

More information about the NANOG mailing list