On Fri, Sep 10, 2010 at 08:35:04AM -0600, Andy Bradford wrote:
> Thus said Martin Pelikán on Thu, 09 Sep 2010 12:21:17 +0200:
>
> > It depends on what do you need. The defaults suffice for most cases,
> > but on our most loaded router we use tcp both 256k and udp send space
> > 65k (lots of dns). Just test it somewhere.
>
> Why would you need 65k UDP for DNS? Almost all UDP based DNS responses
> are under 512 bytes, those that are larger are required to set the
> truncated bit and the client restart the query using TCP.
>
Because on busy servers you need to queue quite a few packets to handle
bursts. And the limit was raised by the use of EDNS (I think that's the
magic acronym for this). Requiring TCP for larger responses is unfeasible
with the idea of DNSSEC.
--
:wq Claudio