IETF Logo Mail Archive

Re: [DNSOP] bar bof, edns buffer size, avoid fragmentation

Paul Vixie <paul@redbarn.org> Thu, 25 July 2019 00:19 UTC

Return-Path: <paul@redbarn.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E4D012025D for <dnsop@ietfa.amsl.com>; Wed, 24 Jul 2019 17:19:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id STrQTGUoHbN2 for <dnsop@ietfa.amsl.com>; Wed, 24 Jul 2019 17:19:21 -0700 (PDT)
Received: from family.redbarn.org (family.redbarn.org [IPv6:2001:559:8000:cd::5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 983B61200B8 for <dnsop@ietf.org>; Wed, 24 Jul 2019 17:19:21 -0700 (PDT)
Received: from linux-9daj.localnet (full.e-r.fsi.io [104.244.14.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by family.redbarn.org (Postfix) with ESMTPSA id 2917E892E8 for <dnsop@ietf.org>; Thu, 25 Jul 2019 00:19:20 +0000 (UTC)
From: Paul Vixie <paul@redbarn.org>
To: dnsop@ietf.org
Date: Thu, 25 Jul 2019 00:19:18 +0000
Message-ID: <14483517.zoDt3jd3KM@linux-9daj>
Organization: none
In-Reply-To: <8410065.5GvUleY1HB@linux-9daj>
References: <922546a1-a7a4-45fa-b4a7-e861f3a425d2@redbarn.org> <48294972-7299-67e0-809b-c6f066c49947@nic.cz> <8410065.5GvUleY1HB@linux-9daj>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/1fJvFZzfWQBxxy18cVFn-M8BL38>
Subject: Re: [DNSOP] bar bof, edns buffer size, avoid fragmentation
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Jul 2019 00:19:23 -0000

with four of us in attendance monday evening, i presented my appreciation for 
fujimora-san's draft and admitted that EDNS0 ought to have required DF and 
ought to have used examples which would fit in a then-common MTU 1500 network.

i then asked that numbers like 1220, 1280, 576, and 1500 not be specified as 
fixed constants, but rather, should be computed in the same way and for the 
same reasons as TCP MSS. those of us running jumbograms or still running FDDI 
or perhaps speaking POS should not be artificially limited in our DNS payload 
sizes.

in discussion, the following details appeared:

TCP MSS is calculated from the routing table. on microsoft windows, there's an 
easy way to find the route for a destination...

https://docs.microsoft.com/en-us/windows/win32/rras/search-for-the-best-route

...and while there's no portable way to do this from user mode in Linux or BSD 
or other UNIX-style systems such as Android, there is always a way.

it is the route's MTU and not any one interface's MTU, and not any constant, 
that should be used to calculate EDNS0 buffer size. that will probably be 1280 
or 1220 for most V6 routes (including "default", the route of last resort) and 
1460 for most V4 routes (including default).

(noting, i've made a similar plea to the QUIC team. the 1500 MTU will not last 
our lifetimes, and we must not hard code the 1500 MTU assumption... anywhere.)

also, there were beer and snacks.

-- 
Paul

v2.23.0 | Report a Bug | By Email