[getdns-api] EDNS maximum UDP payload size defaults to 512
Wessels, Duane
dwessels at verisign.com
Thu Aug 28 23:58:59 CEST 2014
On Aug 28, 2014, at 11:38 AM, Phil Pennock <getdns-api-phil at spodhuis.org> wrote:
> On 2014-08-27 at 16:48 +0000, Wessels, Duane wrote:
>> Hello All,
>> The getdns API description says:
>>
>>> getdns_return_t getdns_context_set_edns_maximum_udp_payload_size(
>>>     getdns_context *context,
>>>     uint16_t value
>>> );
>>>
>>> The value is between 512 and 65535; the default is 512.
>>
>> Can someone explain why 512 should be the default value? It seems odd
>> that if the library is going to add an EDNS0 OPT record, that it should
>> use the smallest possible value for the buffer size. Software with long
>> deployment history uses large values, such as 4096, and measurements from
>> root/TLD name servers also indicate that 4096 is a very common value.
>
> Broken firewalls which don't handle UDP fragment reassembly; broken
> firewalls which limit port 53 UDP to 512 octets.
>
> A client library which causes breakage, when people switch to it, will
> develop a bad reputation even if the problem lies elsewhere.
Yes, thanks to these broken things we live in a world where DNS clients
must be prepared to retry their queries with different EDNS parameters.
Fine.

But that is not a good reason to make 512 the default. The default values
should be appropriate for the common case -- for the way things should be.
The default should not cater to the badness.

Although, now that I think about it, perhaps the 512 default will serve
to advance one of my other goals -- increased use of TCP. If I understand
the spec correctly, if you enable validation but don't know that you should
also increase the payload size, then probably a lot of your responses will
be TC=1 and we'll start to see a lot more TCP...

DW
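
The interaction raised in the message above (a 512-octet EDNS payload size combined with DNSSEC validation leading to TC=1 responses), as an added example that is not part of the original post and is not getdns code. The function names are hypothetical, the 1200-byte response size is a constructed value, and the server-side parser assumes an uncompressed QNAME with the OPT record directly after the question.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Client: one-question query with an EDNS0 OPT pseudo-RR (RFC 6891); buf holds strlen(name)+29. */
size_t build_query(uint8_t *buf, const char *name, uint16_t qtype,
                   uint16_t udp_size, int do_bit) {
    size_t i = 12;
    memset(buf, 0, 12);
    buf[2] = 1; buf[5] = 1; buf[11] = 1;     /* RD=1, QDCOUNT=1, ARCOUNT=1 (OPT) */
    while (*name) {                          /* QNAME as length-prefixed labels */
        size_t n = strcspn(name, ".");
        buf[i++] = (uint8_t)n;
        memcpy(buf + i, name, n); i += n;
        name += n + (name[n] == '.');
    }
    buf[i++] = 0; buf[i++] = (uint8_t)(qtype >> 8); buf[i++] = (uint8_t)qtype;
    buf[i++] = 0; buf[i++] = 1;              /* QCLASS = IN */
    buf[i++] = 0; buf[i++] = 0; buf[i++] = 41;   /* OPT: root owner, TYPE 41 */
    /* The CLASS field of OPT carries the requestor's UDP payload size. */
    buf[i++] = (uint8_t)(udp_size >> 8); buf[i++] = (uint8_t)udp_size;
    buf[i++] = 0; buf[i++] = 0;              /* extended RCODE, EDNS version 0 */
    buf[i++] = do_bit ? 0x80 : 0; buf[i++] = 0; buf[i++] = 0; buf[i++] = 0; /* DO flag; RDLEN=0 */
    return i;
}

/* Server: largest UDP response this query allows (512 without a usable OPT). */
uint16_t udp_limit(const uint8_t *q, size_t len) {
    size_t i = 12;
    if (len < 12 || q[4] || q[5] != 1 || q[11] != 1) return 512;
    while (i < len && q[i]) i += q[i] + 1u;  /* skip QNAME labels */
    i += 5;                                  /* root label, QTYPE, QCLASS */
    if (i + 11 > len || q[i] || q[i + 1] || q[i + 2] != 41) return 512;
    uint16_t size = (uint16_t)(q[i + 3] << 8 | q[i + 4]);
    return size < 512 ? 512 : size;          /* RFC 6891: below 512 means 512 */
}

/* 1 when the answer must be sent with TC=1, pushing the client to TCP. */
int needs_tc(const uint8_t *q, size_t qlen, size_t response_len) {
    return response_len > udp_limit(q, qlen);
}

int main(void) {
    uint8_t q[64];                           /* 1200: constructed signed-response size */
    size_t n = build_query(q, "example.com", 48 /* DNSKEY */, 512, 1);
    printf("512:  TC=%d\n", needs_tc(q, n, 1200));
    n = build_query(q, "example.com", 48, 4096, 1);
    printf("4096: TC=%d\n", needs_tc(q, n, 1200));
    return 0;
}
```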