John Levine <johnl(_at_)iecc(_dot_)com> wrote:
> Yes. I was surprised to learn that there is a bug in widely used
> resolver libraries so that if it makes a TCP request, and the response
> isn't entirely contained in the first packet, the resolver gives up and

could we please have a bit more facts on the table? Which implementation is
that and up to which version?

> Believe it. I think it's due to bugs in the code that waits for a
> response or a timeout and doesn't go back to look for more data after
> getting the first data chunk back. Given how few DNS queries have

So that would be a resolver that implements at least part of TCP on its own?
Again, names please. There have been far too many rumors and hearsay wrt
DNS on this list.

> needed TCP, and how few of the responses have been too big to fit in a
> 1500 MTU, it's not surprising nobody's noticed before.

1500 is not a critical number here, 512 is. And there are lots of answers
that do need >512 octets, especially in the IN-ADDR tree.
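
The behaviour described in the quoted text (a reader that stops after the first chunk of a TCP reply) beside a read loop that continues until the 2-byte length prefix of DNS over TCP is satisfied, as an added example. It is not code from any resolver library mentioned in this thread; the function names and the 600-byte reply split into two segments are constructed for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>
/* Flawed pattern: one read() is assumed to return the whole framed reply. */
static long read_reply_once(int fd, uint8_t *msg, size_t cap) {
    static uint8_t buf[2 + 65535];
    ssize_t r = read(fd, buf, sizeof buf);
    if (r < 2) return -1;
    size_t len = ((size_t)buf[0] << 8) | buf[1];      /* 2-byte length prefix */
    if (len > cap || (size_t)r - 2 < len) return -1;  /* partial data: gives up */
    memcpy(msg, buf + 2, len);
    return (long)len;
}
/* Read exactly n bytes, going back for more after every short read. */
static int read_full(int fd, uint8_t *p, size_t n) {
    while (n > 0) {
        ssize_t r = read(fd, p, n);
        if (r < 0 && errno == EINTR) continue;
        if (r <= 0) return -1;                        /* error, or EOF mid-message */
        p += r; n -= (size_t)r;
    }
    return 0;
}
/* Correct pattern: read the prefix, then loop until the body is complete. */
static long read_reply_loop(int fd, uint8_t *msg, size_t cap) {
    uint8_t hdr[2];
    if (read_full(fd, hdr, 2) != 0) return -1;
    size_t len = ((size_t)hdr[0] << 8) | hdr[1];
    if (len > cap || read_full(fd, msg, len) != 0) return -1;
    return (long)len;
}
/* Constructed input: a 600-byte reply delivered as two segments 1 s apart. */
static long deliver_split(long (*reader)(int, uint8_t *, size_t)) {
    int sv[2]; uint8_t wire[2 + 600] = {0x02, 0x58}, out[1024];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -2;
    if (write(sv[0], wire, 300) != 300) return -2;    /* first segment */
    pid_t pid = fork();
    if (pid < 0) return -2;
    if (pid == 0) { sleep(1); _exit(write(sv[0], wire + 300, 302) == 302 ? 0 : 1); }
    long n = reader(sv[1], out, sizeof out);          /* second segment arrives later */
    close(sv[0]); close(sv[1]); waitpid(pid, NULL, 0);
    return n;
}
int main(void) {
    printf("single read: %ld\nread loop:   %ld\n", deliver_split(read_reply_once), deliver_split(read_reply_loop));
}
```
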