Re: [DNSOP] Computerworld apparently has changed DNS protocol
bmanning@vacation.karoshi.com Wed, 04 November 2009 19:26 UTC
Return-Path: <bmanning@karoshi.com>
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AEF8A3A69D7 for <dnsop@core3.amsl.com>; Wed, 4 Nov 2009 11:26:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.142
X-Spam-Level:
X-Spam-Status: No, score=-6.142 tagged_above=-999 required=5 tests=[AWL=0.457, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yGizcvionbMx for <dnsop@core3.amsl.com>; Wed, 4 Nov 2009 11:26:16 -0800 (PST)
Received: from vacation.karoshi.com (vacation.karoshi.com [198.32.6.68]) by core3.amsl.com (Postfix) with ESMTP id A27243A6894 for <dnsop@ietf.org>; Wed, 4 Nov 2009 11:26:15 -0800 (PST)
Received: from karoshi.com (localhost.localdomain [127.0.0.1]) by vacation.karoshi.com (8.12.8/8.12.8) with ESMTP id nA4JQY4t032065; Wed, 4 Nov 2009 19:26:34 GMT
Received: (from bmanning@localhost) by karoshi.com (8.12.8/8.12.8/Submit) id nA4JQY0c032064; Wed, 4 Nov 2009 19:26:34 GMT
Date: Wed, 04 Nov 2009 19:26:34 +0000
From: bmanning@vacation.karoshi.com
To: Nicholas Weaver <nweaver@ICSI.Berkeley.EDU>
Message-ID: <20091104192634.GA31981@vacation.karoshi.com.>
References: <200911041858.TAA24009@TR-Sys.de> <FD44BF39-5B62-4689-AC6D-8DFFAF340EA1@icsi.berkeley.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <FD44BF39-5B62-4689-AC6D-8DFFAF340EA1@icsi.berkeley.edu>
User-Agent: Mutt/1.4.1i
Cc: namedroppers@ops.ietf.org, Alfred HÎnes <ah@tr-sys.de>, dnsop@ietf.org
Subject: Re: [DNSOP] Computerworld apparently has changed DNS protocol
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Nov 2009 19:26:16 -0000
On Wed, Nov 04, 2009 at 11:09:53AM -0800, Nicholas Weaver wrote: > Question: Have people been able to estimate how large the signed root > zone response will be? > > I'm assuming its below the magic 1500B level for standard queries. Is > this correct? > > Oh, and one thing to watch out for: Some IP stacks I've noticed will > set DF on UDP datagrams, if the datagram is too small to require > fragmentation onto the local network! > > Add this to the list of things DNS operators need to watch out for > when turning on DNSSEC. > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop David Conrad, ICANN maven and one-time IANA manager, posted some numbers from their DNSSEC testbed a month or so back. Responses were just under 1800 bytes. The current deployment plan is to stage things to push out large responses early - prior to having any actual DNSSEC usable data ... ostensibly to flush out DNSmtu problems. --bill
- Re: [DNSOP] [dnsext] Computerworld apparently has… bmanning
- [DNSOP] Computerworld apparently has changed DNS … Alfred Hönes
- Re: [DNSOP] Computerworld apparently has changed … Nicholas Weaver
- Re: [DNSOP] Computerworld apparently has changed … bmanning
- Re: [DNSOP] [dnsext] Computerworld apparently has… bmanning
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Nicholas Weaver
- Re: [DNSOP] [dnsext] Computerworld apparently has… Alfred Hönes
- Re: [DNSOP] Computerworld apparently has changed … David Conrad
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… David Conrad
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Florian Weimer
- Re: [DNSOP] [dnsext] Computerworld apparently has… Florian Weimer
- Re: [DNSOP] Computerworld apparently has changed … David Blacka
- Re: [DNSOP] Computerworld apparently has changed … Florian Weimer
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Florian Weimer
- Re: [DNSOP] Computerworld apparently has changed … David Blacka
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Mark Andrews
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Matthew Dempsky
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Matthew Dempsky
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Jay Daley
- Re: [DNSOP] [dnsext] Computerworld apparently has… Mark Andrews
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… David Conrad
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Matthew Dempsky
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… George Michaelson
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Florian Weimer
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Nicholas Weaver
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… George Michaelson
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Duane Wessels
- Re: [DNSOP] [dnsext] Re: Computerworld apparently… Duane Wessels