nanog mailing list archives
Re: v6 DNSSEC fail, was Buying IPv4 blocks
From: Mark Tinka <mark.tinka () seacom mu>
Date: Fri, 5 Oct 2018 07:12:26 +0200
On 5/Oct/18 03:07, John Levine wrote:
Yeah, V6 UDP fragmentation and anycast are bad news. You can sort of fix it by doing all your v6 DNSSEC DNS queries over TCP but it's a lot easier to stick to v4. Geoff Huston has written about this a lot and it's a well known problem in the DNS community. I'm surprised if it's news to anyone here. https://blog.apnic.net/2017/08/22/dealing-ipv6-fragmentation-dns/
In BIND, I think this can be solved by using the "minimal-responses" knob. Mark.
Current thread:
- Re: Buying IPv4 blocks, (continued)
- Re: Buying IPv4 blocks Tyler Conrad (Oct 01)
- Re: Buying IPv4 blocks Payam Poursaied (Oct 02)
- Re: Buying IPv4 blocks John Curran (Oct 02)
- Re: Buying IPv4 blocks Ross Tajvar (Oct 04)
- Re: Buying IPv4 blocks John Lee (Oct 04)
- Re: Buying IPv4 blocks Ross Tajvar (Oct 04)
- Re: Buying IPv4 blocks Matt Harris (Oct 04)
- Re: Buying IPv4 blocks John Levine (Oct 04)
- Re: Buying IPv4 blocks Marco Davids via NANOG (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks John Levine (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Tinka (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Andrews (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 04)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Mark Andrews (Oct 05)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 05)
- Re: Buying IPv4 blocks John Lee (Oct 04)
- RE: v6 DNSSEC fail, was Buying IPv4 blocks Naslund, Steve (Oct 07)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Brandon Martin (Oct 07)
- Re: v6 DNSSEC fail, was Buying IPv4 blocks Bryce Wilson (Oct 09)