nanog mailing list archives

Re: large organization nameservers sending icmp packets to dns servers.

From: Paul Vixie <vixie () vix com>
Date: 09 Aug 2007 22:58:40 +0000


Valdis.Kletnieks () vt edu writes:

... advising folks to monitor their authority servers to find out how
many truncated responses are going out and how many TCP sessions result
from these truncations and how many of these TCP sessions are killed by
the RFC1035 4.2.2 connection management logic, and if the numbers seem
high, then they ought to change their applications and DNS content so
that truncations no longer result.


How does the (eventual) deployment of DNSSEC change these numbers?


DNSSEC cannot be signalled except in EDNS.

And who's likely to feel *that* pain first?


the DNSSEC design seems to distribute pain very fairly.
-- 
Paul Vixie

Current thread:

Re: large organization nameservers sending icmp packets to dns servers., (continued)
- - - Re: large organization nameservers sending icmp packets to dns servers. Donald Stahl (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Kevin Oberman (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Andrew Sullivan (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Douglas Otis (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Paul Vixie (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Douglas Otis (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Paul Vixie (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Douglas Otis (Aug 09)
    - Re: large organization nameservers sending icmp packets to dns servers. Paul Vixie (Aug 09)
    - Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 09)
    - Re: large organization nameservers sending icmp packets to dns servers. Paul Vixie (Aug 09)
    - Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. Douglas Otis (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. Paul Vixie (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. Roland Dobbins (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. John Kristoff (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. David Conrad (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore (Aug 07)
    - RE: large organization nameservers sending icmp packets to dns servers. David Schwartz (Aug 07)
    - Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore (Aug 08)
    - Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 08)

(Thread continues...)