Davey Song(宋林健) wrote:
Thank you. The large DNS response in IPv6 is a real problem. ATR is one option to adopted in authoritative server alone. If someone or party have more influence on both resolver and authoritative side (cloud and app provider who can choose their own DNS resolution path), Mukund’s proposal to fragment the DNS message is a good solution.https://tools.ietf.org/html/draft-muks-dns-message-fragments-00
both ideas are wrong. what we have to do is arrange to fragment, using the ipv6 extension header, all ipv6 udp, for a period of not less than five years. noone who blocks ipv6 extension headers should be able to get reliable ipv6 udp services. we have to make this problem felt where it is made. we must NOT work around it to insulate the makers of the problem from the costs of their actions.
So I do recommend ATR and DNS message fragments should be both considered in a tool box for large DNS response issues.
can a freebsd kernel hacker please contact me? i need some patches, but i'm traveling extensively, and i can't do the investigation and software engineering myself.
-- P Vixie _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
