Re: [DNSOP] I-D Action: draft-ietf-dnsop-avoid-fragmentation-01.txt

Paul Vixie <paul@redbarn.org> Tue, 28 July 2020 23:24 UTC

From: Paul Vixie <paul@redbarn.org>
To: dnsop@ietf.org
Date: Tue, 28 Jul 2020 23:24:18 +0000
Message-ID: <1894748.tN5slbBgEf@linux-9daj>
Organization: none
In-Reply-To: <159590342976.31577.14549446943084723826@ietfa.amsl.com>
References: <159590342976.31577.14549446943084723826@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/lALE_nD0vX9V6vPCDziqsCdkmG4>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-avoid-fragmentation-01.txt

please give this a read, especially if you think a dns-oarc flag day related 
to maximum edns payload size is a responsible idea. the draft revision below 
does not include a reference to

https://tools.ietf.org/html/draft-gont-v6ops-ipv6-ehs-packet-drops-04

because we weren't aware of it, but the next revision definitely will. our 
thesis is: set the DONTFRAG option on udp sockets on both the initiator and 
the responder, and then follow where that leads.

re:

On Tuesday, 28 July 2020 02:30:29 UTC internet-drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories. This draft is a work item of the Domain Name System Operations
> WG of the IETF.
> 
>         Title           : Fragmentation Avoidance in DNS
>         Authors         : Kazunori Fujiwara
>                           Paul Vixie
>         Filename        : draft-ietf-dnsop-avoid-fragmentation-01.txt
>         Pages           : 10
> 	Date            : 2020-07-27
> 
> Abstract:
>    EDNS0 enables a DNS server to send large responses using UDP and is
>    widely deployed.  Path MTU discovery remains widely undeployed due to
>    security issues, and IP fragmentation has exposed weaknesses in
>    application protocols.  Currently, DNS is known to be the largest
>    user of IP fragmentation.  It is possible to avoid IP fragmentation
>    in DNS by limiting response size where possible, and signaling the
>    need to upgrade from UDP to TCP transport where necessary.  This
>    document proposes to avoid IP fragmentation in DNS.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-avoid-fragmentation/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-dnsop-avoid-fragmentation-01
> https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-avoid-fragmentation-01
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-avoid-fragmentation-01
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop


-- 
Paul
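As an added illustration of the thesis above (example code written for this page, not code from the draft, its authors, or any DNS implementation), the C below shows what "set DONTFRAG on the UDP socket and follow where that leads" comes to on a responder: the socket is marked don't-fragment (Linux IP_MTU_DISCOVER/IPV6_MTU_DISCOVER with the _DO value, IP_DONTFRAG/IPV6_DONTFRAG where a platform offers those instead), and when sendto() then refuses an oversize datagram with EMSGSIZE, the response is cut back to header plus question with TC=1 so the client retries over TCP, which is the UDP-to-TCP signal the abstract describes. The sample response bytes, the 1232-byte EDNS payload value in them (IPv6 minimum MTU 1280 less 40 bytes of IPv6 header and 8 of UDP header), and all function names are this example's own assumptions, not values or names taken from the draft.

```c
/* Added example (not from the draft): don't-fragment UDP for a DNS responder.
 * Linux/glibc socket options are used where available; BSD/macOS names are
 * compile-time guarded. Sample message bytes below are constructed for this demo. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>

#define DNS_HDR_LEN 12
#define DNS_FLAG_TC 0x02   /* TC is bit 1 of the flags high byte (message byte 2) */

/* Mark a UDP socket don't-fragment: an oversize datagram then fails with EMSGSIZE
 * instead of being fragmented by the local stack. Returns 0, or -1 with errno set. */
int udp_set_dontfrag(int fd, int family)
{
#if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)      /* Linux, IPv4 */
    if (family == AF_INET) {
        int v = IP_PMTUDISC_DO;
        return setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER, &v, sizeof v);
    }
#endif
#if defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)  /* Linux, IPv6 */
    if (family == AF_INET6) {
        int v = IPV6_PMTUDISC_DO;
        return setsockopt(fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER, &v, sizeof v);
    }
#endif
#if defined(IP_DONTFRAG)                                      /* BSD, macOS */
    if (family == AF_INET) {
        int v = 1;
        return setsockopt(fd, IPPROTO_IP, IP_DONTFRAG, &v, sizeof v);
    }
#endif
#if defined(IPV6_DONTFRAG)                                    /* BSD, macOS */
    if (family == AF_INET6) {
        int v = 1;
        return setsockopt(fd, IPPROTO_IPV6, IPV6_DONTFRAG, &v, sizeof v);
    }
#endif
    (void)fd; (void)family;
    errno = ENOPROTOOPT;
    return -1;
}

/* Skip one wire-format name at off; a compression pointer ends the name.
 * Returns the offset just past the name, or -1 if it runs off the message. */
static int dns_skip_name(const uint8_t *msg, size_t len, size_t off)
{
    while (off < len) {
        uint8_t l = msg[off];
        if (l == 0) return (int)off + 1;
        if ((l & 0xC0) == 0xC0) return (off + 2 <= len) ? (int)off + 2 : -1;
        if (l & 0xC0) return -1;           /* reserved label types (0x40, 0x80) */
        off += 1 + l;
    }
    return -1;
}

/* Cut a response back to header + question section, set TC, zero the other
 * section counts. Returns the new length, or -1 on a malformed message. */
int dns_truncate_response(uint8_t *msg, size_t len)
{
    if (len < DNS_HDR_LEN) return -1;
    uint16_t qdcount = (uint16_t)((msg[4] << 8) | msg[5]);
    size_t off = DNS_HDR_LEN;
    for (uint16_t i = 0; i < qdcount; i++) {
        int n = dns_skip_name(msg, len, off);
        if (n < 0 || (size_t)n + 4 > len) return -1;
        off = (size_t)n + 4;                /* QTYPE + QCLASS */
    }
    msg[2] |= DNS_FLAG_TC;
    memset(msg + 6, 0, 6);                  /* ANCOUNT, NSCOUNT, ARCOUNT = 0 */
    return (int)off;
}

/* Constructed sample: response for "example.com. IN A" with one answer RR and an
 * OPT RR advertising a 1232-byte UDP payload (demo value). Returns 56 or -1. */
int build_sample_response(uint8_t *buf, size_t cap)
{
    static const uint8_t msg[] = {
        0x12, 0x34, 0x81, 0x80, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01,
        7, 'e','x','a','m','p','l','e', 3, 'c','o','m', 0, 0x00, 0x01, 0x00, 0x01,
        0xC0, 0x0C, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0E, 0x10, 0x00, 0x04,
        192, 0, 2, 1,                                              /* A 192.0.2.1 */
        0x00, 0x00, 0x29, 0x04, 0xD0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 /* OPT */
    };
    if (cap < sizeof msg) return -1;
    memcpy(buf, msg, sizeof msg);
    return (int)sizeof msg;
}

/* Send with DF set; if the kernel rejects the datagram as larger than the path
 * MTU it knows (EMSGSIZE), truncate and resend so the client upgrades to TCP. */
ssize_t dns_send_response_nofrag(int fd, uint8_t *msg, size_t len,
                                 const struct sockaddr *dst, socklen_t dstlen)
{
    ssize_t n = sendto(fd, msg, len, 0, dst, dstlen);
    if (n >= 0 || errno != EMSGSIZE) return n;
    int tlen = dns_truncate_response(msg, len);
    if (tlen < 0) return -1;
    return sendto(fd, msg, (size_t)tlen, 0, dst, dstlen);
}

int main(void)
{
    uint8_t buf[512];
    int len = build_sample_response(buf, sizeof buf);
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd >= 0 && udp_set_dontfrag(fd, AF_INET) != 0) perror("udp_set_dontfrag");
    /* Exercise the EMSGSIZE path offline by truncating directly. */
    int tlen = dns_truncate_response(buf, (size_t)len);
    printf("full %d bytes, truncated %d bytes, TC=%d\n",
           len, tlen, (buf[2] & DNS_FLAG_TC) != 0);
    if (fd >= 0) close(fd);
    return 0;
}
```

The truncation here also drops the OPT RR along with the rest of the additional section; a production server would re-append its own OPT record to the truncated reply. The initiator side of the same thesis is the mirror image: mark its query socket don't-fragment too, advertise a conservative EDNS buffer size, and retry over TCP when a response arrives with TC=1.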