On Tue, 4 Aug 2020, Viktor Dukhovni wrote:
I've posted a few examples to this list of failure cases with a buffer
size of 1232 that are resolved with buffer sizes of ~1400.
So it is not entirely obvious where the most practical tradeoff lies.
And indeed that best value likely depends on where the resolver (or auth
server) sits on the network. So while we may be able to converge on a
recommended default, unfortunately some users may want/need to move the
needle up or down to meet their needs.
My sense at the moment is that 1232 is too conservative. I see
that (thanks Tony):
https://rp.delaat.net/2019-2020/p78/report.pdf
recomments 1372 for IPv4 and 1332 for IPv6 on internal networks and 1232
for stub resolvers using external IPv6 recursive servers out on the
public Internet.
It's almoast as if 1) we shouldn't hardcode any of this and 2)
definately not switch behaviour on some arbitrary "flag day".
Paul
_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
