Preparing for upcoming DNSSEC changes on 5/5
jlightner at water.com
Mon May 3 20:15:07 UTC 2010
Is there something in the world know to be exactly 4096 or are you suggesting I somehow craft a record of that size?
From: bind-users-bounces+jlightner=water.com at lists.isc.org [mailto:bind-users-bounces+jlightner=water.com at lists.isc.org] On Behalf Of Kalman Feher
Sent: Monday, May 03, 2010 4:10 PM
To: bind-users at isc.org
Subject: Re: Preparing for upcoming DNSSEC changes on 5/5
On 3/05/10 9:54 PM, "Lightner, Jeff" <jlightner at water.com> wrote:
> On doing that however, I now see the advertised value is 3839 but the
> "at least" value is 3828 on one and 3827 on the other as shown below.
> Based on that it appears one should NOT set the edns-udp-size as it
> doesn't fix the problem.
This appears to be due to the nature of the testing tool.
Refer to the "How it works" section here:
You probably won't get an exact match due to its search method.
This may also place doubt on the maximum UDP size you are capable of. The
best way to find out for certain, is to try querying something that is
exactly 4096 and seeing if you get a truncated response (thus switching to
Note that this is further investigation is not required for 5/5. But its
always good to understand your network's limits. And may become more useful
in the coming months and years as DNSSEC pushes average query sizes up.
Kal Feher | Melbourne IT | Malmö, Sweden | ph: +46 406 919185 | mob: +46 734
bind-users mailing list
bind-users at lists.isc.org
Proud partner. Susan G. Komen for the Cure.
Please consider our environment before printing this e-mail or attachments.
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
More information about the bind-users