Common operational misconceptions

Phil Regnauld regnauld at
Thu Feb 16 16:53:08 UTC 2012

	Borderline dns-ops, sorry folks! - but this is interesting
	as we've been talking about ipv6 being operational, and this
	is part of it...

Mark Andrews (marka) writes:
> If you are seeing TC between the resolver and the server and the TCP query is being answers then
> something in the path is intercepting the DNS queries.

	TC is on the answer from the remote server to my resolver, so yeah, seems
	like something is messing with the packets.

> > 	Don't see any v6 fragments (that'd be a problem since PF doesn't handle
> > 	them on this host).
> You should see something like this on the wire.  The second query is to answer
> dig's query over TCP.

	I'm not seeing fragments as you are.

	Here's what I see:

14:40:20.955876 IP6 2001:2000:1080:d::2.64561 > 2001:4f8:0:2::8.53: 52841 TXT? (36)
14:40:21.141948 IP6 2001:4f8:0:2::8.53 > 2001:2000:1080:d::2.64561: 52841*-| 0/0/0 (36)
14:40:21.142259 IP6 2001:2000:1080:d::2.53262 > 2001:4f8:0:2::8.53: Flags [S], seq 1112939462, win 65535, options [mss 1440,nop,wscale 6,sackOK,TS val 2571957531 ecr 0], length 0
14:40:21.327895 IP6 2001:4f8:0:2::8.53 > 2001:2000:1080:d::2.53262: Flags [R.], seq 0, ack 1112939463, win 0, length 0


More information about the NANOG mailing list