On 14 jan 2010, at 10.38, ray.bel...@nominet.org.uk wrote:

>> EDNS0 RFC restricts EDNS0 to 4096 bytes, a number of implementations
>> will not send more even if the client asks for it. Firewalls will
>> enforce this.
>
> RFC 2671 enforces no such limit - the strict limit is 65535, and §4.5.5
> has a hint that 4K might be a reasonable amount of state to maintain for
> fragment reassembly.
>
> I seem to recall that BIND, however, will not permit the EDNS0 buffer size
> to be configured above 4096. I'm not in a position to double check that
> right now, though.

Please do not start talking about enforcing some fixed limit that we will laugh about 10 years from now... And if you talk about a limit, pick something very large (like 65535 that seems to be already chosen).

There are enough problems with the 512 limit of today. I do not want to have the same problems when we pass 4096.

Implementations should be free to choose a smaller implementation limit if they want to (and signal that in the EDNS0 size), but please do not say that "max value on EDNS0 size will forever be 4096" or something similar.

Be careful with the wording...

Patrik
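
The size signalling discussed in this thread, as an added example that is not part of the original messages: the OPT pseudo-RR carries the sender's UDP payload size in its 16-bit CLASS field (hence the 65535 ceiling), and a responder sends no more than the smaller of that value and its own implementation limit. The function names are hypothetical, and treating advertised values below 512 as 512 follows RFC 6891, which is not cited in the thread.

```python
import struct
from typing import Optional

OPT_TYPE = 41        # OPT pseudo-RR type code
LEGACY_LIMIT = 512   # UDP payload limit when no EDNS0 OPT RR is present


def build_opt_rr(udp_payload_size: int) -> bytes:
    """Encode an OPT RR with empty RDATA; CLASS carries the payload size."""
    if not 0 <= udp_payload_size <= 0xFFFF:
        raise ValueError("payload size must fit the 16-bit CLASS field")
    # NAME = root (one zero octet), then TYPE, CLASS (= size),
    # TTL (extended RCODE / version / flags, all zero here), RDLEN = 0.
    return b"\x00" + struct.pack("!HHIH", OPT_TYPE, udp_payload_size, 0, 0)


def parse_opt_size(rr: bytes) -> int:
    """Return the advertised UDP payload size from a single OPT RR."""
    if len(rr) < 11 or rr[0] != 0:
        raise ValueError("OPT RR must be owned by the root name")
    rtype, size, _ttl, rdlen = struct.unpack("!HHIH", rr[1:11])
    if rtype != OPT_TYPE or len(rr) != 11 + rdlen:
        raise ValueError("malformed OPT RR")
    return size


def response_limit(requestor_opt: Optional[bytes], local_limit: int) -> int:
    """Largest UDP response a responder should send to this requestor."""
    if requestor_opt is None:
        return LEGACY_LIMIT                      # no EDNS0: classic 512 octets
    # Assumption from RFC 6891: advertised values below 512 count as 512.
    advertised = max(parse_opt_size(requestor_opt), LEGACY_LIMIT)
    # The responder's own limit is an implementation choice, not a protocol cap.
    return min(advertised, max(local_limit, LEGACY_LIMIT))


if __name__ == "__main__":
    # Constructed sample: requestor advertises the protocol maximum,
    # responder is configured with a 4096-octet implementation limit.
    opt = build_opt_rr(65535)
    print(opt.hex(), response_limit(opt, 4096))
```
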