On Fri, Sep 15, 2017 at 3:37 AM, Harshith Mulky <harshith.mu...@outlook.com> wrote: > Hello Experts, > > > I had a query on advertising the payload size on client in DNS Responses > over UDP/TCP > > > This is as much I have understood from RFC 6891, that a requester(client) > can address his capabilities to restrict the UDP Payload size to a limit > between 512 to 4096 bytes based on his limitation when supporting EDNS > Procedures. > > > Is it the same case with TCP? > > > Can we(client) advertize our capabilities over TCP to limit the payload size > in Responses?
What is it that you are actually trying to accomplish / why? I'm going to assume that this is to deal with some sort of brokenness and not just idle curiosity[0]. If you are actually experiencing issues with DNS over TCP it is most likely that you have some sort of broken path MTU discovery issue, and have a lower than expected MTU (this is likely also affecting other applications), but it could also be some broken middle box -- for example Cisco PIX has some, er, interesting DNS TCP artifacts: "Customers with NAT configured on a Cisco IOS device may experience issues receiving large DNS query response messages when TCP is used as the transport. Cisco IOS NAT does not have support for reassembling TCP segments. The lack of support for TCP segment reaasembly is a well-known issue that is documented under the question "Q. What is the difference between IP fragmentation and TCP segmentation?" at the following link: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_q_and_a_item09186a00800e523b.shtml. " Anyway, without knowing more it is tricky to know what your actual issue is, but a: fixing pMTUd by making sure ICMP is allowed would likely be helpful, or b: decreasing the MTU / MSS to your actual MTU may help. W [0]: Which is also fine, but I needed to start somewhere. > > > Thanks > > Harshith > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
