spf-discuss

Re: Length of txt records

2004-06-21 11:40:16
In <b7079e220406211054348c99ee@mail.gmail.com> Tim Meadowcroft
<meercat@gmail.com> writes:

> I believe a DNS TXT record can be up to 65535

In theory, yes; in practice, it is not a good idea.

> I understand some DNS servers may enforce lower limits, but a TXT
> record can be over 255 (of course, keeping the packet under the usual
> UDP single packet size of about 1500 bytes is a good idea).

The limit on UDP packets for DNS is 512 bytes, but the overhead from
UDP and DNS must be taken into account.  This is a hard-coded limit
built into most DNS servers and the fact that UDP packets in general
can be larger doesn't help.

If the DNS packet is too large, most DNS servers will try to fall back
to sending the information via TCP.  This has two huge problems.
First, using TCP is far more expensive, and the fallback occurs only
after you have wasted time trying to use UDP.  Secondly, many
firewalls block DNS over TCP.  Yes, these firewalls are broken, but
they are too common to ignore.


-wayne
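The two limits the thread is arguing about are different things: the 255 is the length octet of each <character-string> inside a TXT record's RDATA (RFC 1035 3.3.14), which is why one TXT record can carry more than 255 bytes of text, while the 512 is the maximum size of a whole DNS message carried over UDP without EDNS. The following script is an added example, not code from either poster: it wire-encodes a TXT record the way a zone's text is actually split into length-prefixed strings, parses it back, and estimates the size of a minimal answer so you can see when an SPF record pushes a reply past 512 bytes. The domain example.com, the SPF strings, and the assumption that the answer's owner name is a 2-byte compression pointer back to the question are all assumptions made for the example.

```python
"""Estimate whether an SPF TXT answer fits the classic 512-byte DNS/UDP reply.

Added example for the spf-discuss thread; the SPF strings and example.com are
constructed placeholders.
"""

MAX_CHARSTRING = 255   # RFC 1035 <character-string>: one length octet, so <= 255 bytes each
UDP_LIMIT = 512        # RFC 1035 maximum UDP message size without EDNS
HEADER_LEN = 12        # DNS message header


def encode_name(name: str) -> bytes:
    """Wire-encode a domain name as length-prefixed labels ending in a zero octet."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label {label!r}")
        out.append(len(raw))
        out += raw
    out.append(0)
    return bytes(out)


def txt_rdata(text: bytes) -> bytes:
    """Encode TXT RDATA: the text is cut into <character-string>s of at most 255
    bytes, each preceded by its length octet.  Resolvers concatenate the strings
    again, which is why a single TXT record can hold more than 255 bytes."""
    out = bytearray()
    for i in range(0, len(text), MAX_CHARSTRING):
        chunk = text[i:i + MAX_CHARSTRING]
        out.append(len(chunk))
        out += chunk
    return bytes(out)


def parse_txt_rdata(rdata: bytes) -> bytes:
    """Inverse of txt_rdata: walk the length-prefixed strings and join them,
    rejecting a string whose length octet runs past the end of the RDATA."""
    parts, pos = [], 0
    while pos < len(rdata):
        n = rdata[pos]
        pos += 1
        if pos + n > len(rdata):
            raise ValueError("truncated character-string")
        parts.append(rdata[pos:pos + n])
        pos += n
    return b"".join(parts)


def answer_size(name: str, text: bytes) -> int:
    """Bytes in a minimal response: header, one question, and one TXT RR whose
    owner name is a 2-byte compression pointer to the question (assumption)."""
    qname = encode_name(name)
    question = len(qname) + 4                       # QNAME + QTYPE + QCLASS
    rr = 2 + 2 + 2 + 4 + 2 + len(txt_rdata(text))   # ptr, TYPE, CLASS, TTL, RDLENGTH, RDATA
    return HEADER_LEN + question + rr


def fits_in_udp(name: str, text: bytes) -> bool:
    """True if the minimal answer stays within the pre-EDNS 512-byte UDP limit."""
    return answer_size(name, text) <= UDP_LIMIT


if __name__ == "__main__":
    # Constructed sample records: a short SPF policy and one listing many ip4: terms.
    short = b"v=spf1 mx -all"
    long_ = b"v=spf1 " + b" ".join(b"ip4:192.0.2.%d" % i for i in range(1, 60)) + b" -all"
    for txt in (short, long_):
        size = answer_size("example.com", txt)
        print(f"{len(txt)} bytes of text -> {size}-byte answer; "
              f"fits 512-byte UDP: {fits_in_udp('example.com', txt)}")
```

Run it and the short policy comes out as a 56-byte answer, while the long one is well over 512 bytes, which is the point where a resolver sets TC and retries over TCP. The estimate is a floor: additional answers, authority or additional records all add to the message, so a record that barely fits here may still not fit in practice.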


