On Wed, Nov 11, 2015 at 01:15:37AM +,
Wessels, Duane wrote
a message of 107 lines which said:
> This updates RFC 2308 (Negative Caching of DNS Queries).
Good point, I'll add that. Also, I did not dare to add "Updates: RFC
1034". Should I?
> I think the WG needs to discuss and agree wheth
On 11/12/2015 01:30 AM, Tim Wicinski wrote:
>
> (as chair)
>
> I was the one who told Mark I liked the document but we needed to do
> less badgering of TLDs (my words, not his) and more on giving them
> advice on the best practices.
>
+1
I'd like to add that they may be badgered just as hard f
Jelte,
don't forget there are ccTLD registries run by third parties for
purely economic reasons, some better some worse. And a particular
compatriot comes to mind :-)-O
Then there are a number of smaller ccTLDs which are overwhelmed by
all of this. Never mind those who only answer their email w
I have seen the ISC EDNS compliance report (beautiful thing really), but it
loks as though the focus is really on the name servers and name server
operators. Has a recent study been done to examine whether client side/ISP
firewalls are interfering with EDNS?
--
Glen Wiley
Principal Engineer
Ver
> On Nov 12, 2015, at 7:59 AM, Wiley, Glen wrote:
>
> I have seen the ISC EDNS compliance report (beautiful thing really), but it
> loks as though the focus is really on the name servers and name server
> operators. Has a recent study been done to examine whether client side/ISP
> firewalls
On 11/11/15, 5:01 PM, "Tony Finch" wrote:
>Paul Vixie wrote:
>> On Wednesday, November 11, 2015 04:41:27 PM Tony Finch wrote:
>> > Paul Vixie wrote:
>> >
>> > > yes, that's flooding the channel. you're allowed one work-stream per
>> > > query, in order that timeouts and other loss are only fel
On Thu, 12 Nov 2015 08:00:50 -0800
Nicholas Weaver wrote:
> We've done some of this in Netalyzr. Captive portals in particular
> are a problem, with about 1% of systems measured in Netalyzr unable
> to use EDNS0 to get DNSSEC information either from the recursive
> resolver OR directly from the
> On Nov 12, 2015, at 8:43 AM, John Kristoff wrote:
>
> On Thu, 12 Nov 2015 08:00:50 -0800
> Nicholas Weaver wrote:
>
> After a DNS over TCP discussion a student of mine indicated that they
> recently fixed a problem in their network where DNS messages over 512
> bytes were not being relayed.
John Kristoff wrote:
> After a DNS over TCP discussion a student of mine indicated that they
> recently fixed a problem in their network where DNS messages over 512
> bytes were not being relayed. It appears the root cause has to do with
> some defaults being set common gear that simply drops mess
On 12 Nov 2015, at 0:15, Stephane Bortzmeyer wrote:
On Wed, Nov 11, 2015 at 01:15:37AM +,
Wessels, Duane wrote
a message of 107 lines which said:
This updates RFC 2308 (Negative Caching of DNS Queries).
Good point, I'll add that. Also, I did not dare to add "Updates: RFC
1034". Should I
> On Nov 12, 2015, at 12:15 AM, Stephane Bortzmeyer wrote:
>
> On Wed, Nov 11, 2015 at 01:15:37AM +,
> Wessels, Duane wrote
> a message of 107 lines which said:
>
>> This updates RFC 2308 (Negative Caching of DNS Queries).
>
> Good point, I'll add that. Also, I did not dare to add "Updat
The DNSOP WG has placed draft-andrews-dns-no-response-issue in state
Candidate for WG Adoption (entered by Tim Wicinski)
The document is available at
https://datatracker.ietf.org/doc/draft-andrews-dns-no-response-issue/
___
DNSOP mailing list
DNSOP@ie
All
I've read the threads and listened to the discussion. It seems to be
agreement that there is "Good Stuff" in here, and the key will be to
create a Best Practices document that describes this. I've talked with
Mark and he's up for taking consensus feedback, and he's made
significant alt
The real issue with fragmentation is that firewalls don't add
appropriate slit rules to let through the response fragments when
they open the pinhole for the reply packet.
It isn't that hard to add "permit from dest, to src, type udp, frag
offset != 0" when you add "permit from dest port 53, to s
> When I did inspection of "lameness" I ran across the definition
> of a lame server (in a few RFCs) being a name server, named in
> an NS set that responded that it was not authoritative for the
> answer sought.
>
> I cannot say that I have ever seen a definition of a lame
> delegation, just a lam
In message <39d878b4-9239-4983-8083-36bca365b...@verisign.com>, "Wessels, Duane
" writes:
>
> > On Nov 12, 2015, at 12:15 AM, Stephane Bortzmeyer wrote
> :
> >
> > On Wed, Nov 11, 2015 at 01:15:37AM +,
> > Wessels, Duane wrote
> > a message of 107 lines which said:
> >
> >> This updates
The DNSOP WG has placed draft-fanf-dnsop-rfc2317bis in state
Candidate for WG Adoption (entered by Tim Wicinski)
The document is available at
https://datatracker.ietf.org/doc/draft-fanf-dnsop-rfc2317bis/
___
DNSOP mailing list
DNSOP@ietf.org
https://w
17 matches
Mail list logo
