North American Network Operators Group
Re: large organization nameservers sending icmp packets to dns servers.
On Aug 7, 2007, at 3:45 PM, Valdis.Kletnieks@xxxxxx wrote:
On Tue, 07 Aug 2007 14:38:06 EDT, "Patrick W. Gilmore" said:
In addition, any UDP truncated response needs to be retried via TCP - blocking it would cause a variety of problems.
The point is, if you are the authority, you know how big the packet is. If you know it ain't over 512, then you don't need TCP.
Or are you saying you do? Wouldn't it be 'incredibly stupid' for recursive servers to -require- TCP, even for < 512 byte packets?
Unless, of course, you are so incredibly stupid you can't figure out the difference between an authority and a caching server.
Interesting. You are suggesting that as a content provider, one should rely on measurements from random caching name servers around the Internet, many of which you admit yourself are configured not to respond to addresses outside their network? Pardon me for not considering an idea you admit yourself wouldn't work.
But you are right, I totally missed that part of the conversation. Mea Culpa.
And in case anyone wasn't clear, yes, of course, running a recursive server that doesn't accept TCP53 will probably result in missing data your users want occasionally.
As for being "incredibly stupid", well, as I have said in private, calling a bunch of people rude names without even asking them why they are doing what you think is so stupid is .. uh .. probably not very bright. :) Unless, of course, you want everyone else passing judgement on how you run your network without asking.
-- TTFN, patrick