nanog mailing list archives
Re: trouble with .gov dns?
From: Mark Andrews <marka () isc org>
Date: Tue, 03 May 2011 11:19:49 +1000
In message <878vupuiu0.fsf () mid deneb enyo de>, Florian Weimer writes:
* William Herrin:Anyone else having trouble with .gov DNS failing with edns-udp-size set to 512?You need an UDP size of at least 1220 for DNSSEC, see RFC 3226, section 3. A query that advertises a smaller buffer size is non-compliant. BIND will send such queries, but this is a controversial feature. This has been noted before, for example: From: Mark Andrews <marka () isc org> Subject: [dnsext] Failure to add glue MUST cause TC to be set. To: dnsext () ietf org Date: Sun, 20 Feb 2011 08:07:15 +1100 Message-Id: <20110219210716.72943A5602B () drugs dv isc org>
And nameservers that don't set TC when they can't fit glue are broken RFC 1034. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka () isc org
Current thread:
- Re: trouble with .gov dns?, (continued)
- Re: trouble with .gov dns? Florian Weimer (May 02)
- Re: trouble with .gov dns? William Herrin (May 02)
- Re: trouble with .gov dns? Florian Weimer (May 02)
- Re: trouble with .gov dns? William Herrin (May 02)
- Re: trouble with .gov dns? Tony Finch (May 02)
- Re: trouble with .gov dns? Florian Weimer (May 02)
- Re: trouble with .gov dns? David Conrad (May 03)
- Re: trouble with .gov dns? William Herrin (May 03)
- Re: trouble with .gov dns? Florian Weimer (May 03)
- Re: trouble with .gov dns? Edward Lewis (May 03)
- Re: trouble with .gov dns? William Herrin (May 02)
- Re: trouble with .gov dns? Florian Weimer (May 02)
- Re: trouble with .gov dns? Florian Weimer (May 02)