EDNS0 (RFC2535) provides a mechanism for sending larger DNS
transactions over UDP. RFC3226 (which is also referenced by Sender
ID) says that EDNS0 implementations MUST allow at least 1220 bytes,
and SHOULD allow at least 4000 bytes.

An acquaintance who's tried out EDNS0 tells me that it is surprisingly
hard to deploy and has worse interoperation problems than I would have
expected.

The first category of problems is what one might call the braindead
firewall problem -- a whole lot of firewalls know that a DNS packet
can never ever be bigger than 512 bytes, so they throw bigger packets
away. While there are well-documented configuration fixes for them
all, there are a whole lot of firewalls with this misfeature, to the
extent that the folklore among Windows admins (Windows has a widely
available EDNS0 client) is not to turn on EDNS0.

The second is the probe problem. An EDNS0 client sends a request with
a pseudo-RR asking for a big response, and then falls back to regular
queries if the server doesn't grok EDNS0. But servers un-grok EDNS0
in a remarkable number of unfortunate ways, including sending back
responses without the request's sequence number or any other way to
figure out what request it's responding to, or sending no response at
all. Since the number of EDNS0 servers is small, even with well
behaved servers EDNS0 clients send roughly twice as many requests as
they would otherwise, one to probe and then one to do the actual
request. Clients can try to keep a cache to remember the results of
prior probes but even that runs into trouble when you have a bunch of
servers responding to the same IP and they're not all the same.

The point of all this is that big responses will continue to be a
problem probably forever. I think that the way to keep the response
size down is to deploy new RR types as quickly as possible. Prefixes
are less helpful since as soon as you have wildcards (which really do
exist in mail domains) all the records all end up in all the nodes
anyway.

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I shook hands with Senators Dole and Inouye," said Tom, disarmingly.
--
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 330 5711
johnl(_at_)iecc(_dot_)com, Mayor, http://johnlevine.com,
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
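
The probe-and-fall-back behaviour described in the message, as an added example that is not part of the original post: it builds a query carrying an OPT pseudo-RR and classifies a reply into the cases the message lists (EDNS0 understood, rejected or ignored, not matchable to the request, or no reply at all). The function names, verdict strings and default sizes are assumptions made for this illustration.

```python
import struct

OPT = 41                 # RR type of the EDNS0 OPT pseudo-RR
FORMERR, NOTIMP = 1, 4   # RCODEs commonly returned by servers that reject OPT

def build_probe(qid, qname, qtype=16, udp_size=4000):
    """Query for qname (default TXT) plus an OPT pseudo-RR advertising udp_size."""
    header = struct.pack("!6H", qid, 0x0100, 1, 0, 0, 1)   # RD; 1 question, 1 additional
    name = b"".join(bytes([len(l)]) + l.encode() for l in qname.strip(".").split(".")) + b"\x00"
    # OPT: root owner name, TYPE=41, CLASS=UDP payload size, TTL=0, RDLENGTH=0
    opt = b"\x00" + struct.pack("!HHIH", OPT, udp_size, 0, 0)
    return header + name + struct.pack("!2H", qtype, 1) + opt

def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:          # compression pointer ends the name
            return off + 2
        off += 1 + n

def classify(probe, reply):
    """Map a probe reply (None = timed out) to (verdict, server_udp_size)."""
    if reply is None:
        return ("timeout", None)               # silent drop: firewall or server
    try:
        qid, flags, qd, an, ns, ar = struct.unpack("!6H", reply[:12])
        if qid != struct.unpack("!H", probe[:2])[0] or not flags & 0x8000:
            return ("unmatched", None)         # cannot be tied to our request
        if flags & 0xF in (FORMERR, NOTIMP):
            return ("no-edns", None)
        off = 12
        for _ in range(qd):                    # skip the echoed question(s)
            off = _skip_name(reply, off) + 4
        for _ in range(an + ns + ar):          # look for an OPT in the records
            off = _skip_name(reply, off)
            rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", reply[off:off + 10])
            if rtype == OPT:
                return ("edns", rclass)        # CLASS holds the server's UDP size
            off += 10 + rdlen
    except (IndexError, struct.error):
        return ("malformed", None)
    return ("no-edns", None)                   # answered but ignored the OPT

def next_query(verdict):
    """Fallback decision: only a confirmed EDNS0 server keeps getting OPT."""
    return "with-opt" if verdict == "edns" else "plain-512"
```

Every verdict other than `edns` costs the client a second, plain query, which is the doubling of requests the message describes.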