[98478] in North American Network Operators' Group
Re: large organization nameservers sending icmp packets to dns servers.
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Aug 9 17:40:02 2007
To: Paul Vixie <paul@vix.com>
Cc: nanog@merit.edu
In-Reply-To: Your message of "Thu, 09 Aug 2007 21:05:26 -0000."
<56122.1186693526@sa.vix.com>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 09 Aug 2007 17:29:11 -0400
Errors-To: owner-nanog@merit.edu
--==_Exmh_1186694951_3716P
Content-Type: text/plain; charset=us-ascii
On Thu, 09 Aug 2007 21:05:26 -0000, Paul Vixie said:
> i think you're advising folks to monitor their authority servers to find out
> how many truncated responses are going out and how many TCP sessions result
> from these truncations and how many of these TCP sessions are killed by the
> RFC1035 4.2.2 connection management logic, and if the numbers seem high, then
> they ought to change their applications and DNS content so that truncations
> no longer result.
How does the (eventual) deployment of DNSSEC change these numbers?
And who's likely to feel *that* pain first?
--==_Exmh_1186694951_3716P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFGu4cncC3lWbTT17ARAqQEAJ0Zo130wDSpCSIQrhckJxRyVWgpgwCeNcWJ
wzfq+N3WETat3uQVFLGqhfw=
=HzE6
-----END PGP SIGNATURE-----
--==_Exmh_1186694951_3716P--
