[getdns-api] EDNS maximum UDP payload size defaults to 512

Shumon Huque shuque at gmail.com
Mon Sep 22 19:50:00 CEST 2014


On Thu, Aug 28, 2014 at 6:09 AM, Iñigo Ortiz de Urbina Cazenave <
iortiz at ripe.net> wrote:

> On 27/08/14 18:48, Wessels, Duane wrote:
> > Hello All,
> >
> > The getdns API description says:
> >
> >> getdns_return_t getdns_context_set_edns_maximum_udp_payload_size(
> >>     getdns_context *context,
> >>     uint16_t value
> >> );
> >>
> >> The value is between 512 and 65535; the default is 512.
> >
> > Can someone explain why 512 should be the default value?  It seems odd
> > that if the library is going to add an EDNS0 OPT record, that it should
> > use the smallest possible value for the buffer size.  Software with long
> > deployment history uses large values, such as 4096, and measurements from
> > root/TLD name servers also indicate that 4096 is a very common value.
> >
> > It should at least be safe to have a default value close to Ethernet MTU
> > sizes minus some for safety (1400-ish).
>
> +1 to this pragmatic approach.
>
> An alternative, working default could also be around the magic number 1280.
>

I strongly support this also. And we'd like to change the default in the
NLNetLabs/Verisign implementation ( http://getdnsapi.net ), so if anyone
has any strong objections, please voice them. Clearly, the API supports the
ability to configure a specific value for the UDP payload, but we'd like to
see a more reasonable default.

The 1280 magic number comes from the IPv6 minimum MTU. To avoid IPv6
fragmentation, we'd need to specify a number somewhat below 1280 to account
for UDP header (8 bytes) and any likely encapsulation/extension headers.
BIND appears to use a value of 1232 for this purpose. But I'm okay with
starting at 4096 as long as implementations also do downward probing on
failure. Note that the current getdnsapi.net implementation is actually
using a value of 4096 (with downward probing) due to a bug that didn't
match the spec. But we'd like to get the spec updated.

--Shumon.
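
The size arithmetic and downward probing discussed in this thread, as an added example that is not part of the original message or of the getdns code base: it derives 1232 from the IPv6 minimum MTU, encodes the advertised size into the EDNS0 OPT pseudo-RR (RFC 6891), and steps down on failure. The function names, the 4096/1232/512 ladder and the TCP fallback are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IPV6_MIN_MTU 1280  /* minimum MTU every IPv6 link must carry */
#define IPV6_HDR_LEN 40    /* fixed IPv6 header, no extension headers */
#define UDP_HDR_LEN  8

/* Largest DNS message that fits one unfragmented minimum-MTU IPv6 packet,
 * after subtracting extra encapsulation/extension-header bytes. */
uint16_t edns_safe_size(uint16_t extra_overhead) {
    int v = IPV6_MIN_MTU - IPV6_HDR_LEN - UDP_HDR_LEN - (int)extra_overhead;
    return (uint16_t)(v < 512 ? 512 : v);  /* 512 is the floor */
}

/* Write the 11-byte EDNS0 OPT pseudo-RR (RFC 6891) with empty RDATA.
 * Returns bytes written, or 0 if the buffer is too small. */
size_t put_opt_rr(uint8_t *buf, size_t cap, uint16_t udp_size, int do_bit) {
    if (cap < 11) return 0;
    if (udp_size < 512) udp_size = 512;   /* RFC 6891: below 512 means 512 */
    buf[0] = 0;                           /* NAME: root */
    buf[1] = 0; buf[2] = 41;              /* TYPE: OPT */
    buf[3] = (uint8_t)(udp_size >> 8);    /* CLASS carries the requestor's */
    buf[4] = (uint8_t)(udp_size & 0xff);  /*   UDP payload size */
    buf[5] = 0;                           /* extended RCODE */
    buf[6] = 0;                           /* EDNS version 0 */
    buf[7] = do_bit ? 0x80 : 0;           /* flags: DO bit */
    buf[8] = 0;
    buf[9] = 0; buf[10] = 0;              /* RDLENGTH: no options */
    return 11;
}

/* Assumed probing ladder: next smaller size to advertise after a timeout
 * at `current`; 0 means no smaller size is left (caller retries over TCP). */
uint16_t next_probe_size(uint16_t current) {
    static const uint16_t ladder[] = { 4096, 1232, 512 };
    for (size_t i = 0; i < sizeof ladder / sizeof ladder[0]; i++)
        if (ladder[i] < current) return ladder[i];
    return 0;
}

int main(void) {
    uint8_t opt[11];
    for (uint16_t s = 4096; s != 0; s = next_probe_size(s)) {
        put_opt_rr(opt, sizeof opt, s, 1);
        printf("advertise %u -> CLASS bytes %02x %02x\n", (unsigned)s, opt[3], opt[4]);
    }
    return 0;
}
```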