Preparing for upcoming DNSSEC changes on 5/5

Lightner, Jeff jlightner at
Mon May 3 20:55:07 UTC 2010

I was using the Java tester on a Windows system and saw the same
4096/3843 as I'd seen with DIG and just now noticed this comment in its

"Note: There will always be a difference between the announced and
measured buffer size because of the algorithm used. However this
difference should not exceed 300 bytes."

Also one of the links I sent earlier had a similar comment about less
than 300 bytes difference not being a problem.  I had missed that.

4096 - 3843 = 153 
It seems if I'd paid attention I'd not have posted my follow up

-----Original Message-----
From: at
[ at] On Behalf
Of Peter Laws
Sent: Monday, May 03, 2010 4:29 PM
To: Kalman Feher
Cc: bind-users at
Subject: Re: Preparing for upcoming DNSSEC changes on 5/5

On 05/03/10 14:56, Kalman Feher wrote:

> You probably should. Your resolver is saying its capable of handling
> but apparently your network path may not support that. The changes on

The network path to doesn't, but that doesn't really mean 
anything.  To some resolvers, the path may support 4096 while to others
is 591.  Who knows where the constriction is?

I still don't see the point of setting it to something *smaller* than
default unless I knew for certain that MY stuff couldn't handle a larger

size.  12 of the 16 hops twixt here and there are far beyond my control 
(and the other 4 only marginally :-).

Besides, we've seen one example where setting it smaller results in yet
smaller result.

Peter Laws / N5UWY
National Weather Center / Network Operations Center
University of Oklahoma Information Technology
plaws at
Feedback? Contact my director, Craig Cochell, craigc at Thank you!
bind-users mailing list
bind-users at
Proud partner. Susan G. Komen for the Cure.
Please consider our environment before printing this e-mail or attachments.
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.

More information about the bind-users mailing list