[AusNOG] "stateless TCP" for DNS

Mark Andrews marka at isc.org
Wed Nov 17 14:57:16 EST 2010 

In message <AANLkTi=LuL38RnhaUHa2=iCTENfi1-5-7UPOUp=Y57c8 at mail.gmail.com>, Anan
d Kumria writes:
> --0015174c36546807bc04952aca67
> Content-Type: text/plain; charset=UTF-8
> 
> Hi Mark,
> 
> On Mon, Nov 15, 2010 at 5:00 AM, Mark Andrews <marka at isc.org> wrote:
> 
> >
> > * Using IPv6 and DNSSEC, the DNS response will always exceed 512 Bytes.
> >
> > [ Which is demonstrably wrong.
> 
> And yet you demonstrated querying a root server over IPv4. ???

Querying over IPv6 doesn't change the size of the UDP payload.  DNS
it transport agnostic.

Mark

; <<>> DiG 9.6.0-APPLE-P2 <<>> -6 +dnssec br @a.root-servers.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60771
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 9
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;br.				IN	A

;; AUTHORITY SECTION:
br.			172800	IN	NS	d.dns.br.
br.			172800	IN	NS	c.dns.br.
br.			172800	IN	NS	a.dns.br.
br.			172800	IN	NS	f.dns.br.
br.			172800	IN	NS	e.dns.br.
br.			172800	IN	NS	b.dns.br.
br.			86400	IN	DS	41674 5 1 EAA0978F38879DB70A53F9FF1ACF21D046A98B5C
br.			86400	IN	RRSIG	DS 8 1 86400 20101124000000 20101116230000 40288 . I0n3ut3aId9iyOhgENTVeCYZP+v9m/mOt0c+B0sT9YpeWVDAYVomCx/x 0/DhxvFcqGwYQ35/+fmVBF2uD2NZEWYgx+PjzUHAjq0/JOGEmxHS5POC fMQ4oOYc96jatVXDxpEMCQEkpRx2QbuTIG946mpSJovDSIlaLT88BFQv sgE=

;; ADDITIONAL SECTION:
a.dns.br.		172800	IN	A	200.160.0.10
a.dns.br.		172800	IN	AAAA	2001:12ff::10
b.dns.br.		172800	IN	A	200.189.40.10
c.dns.br.		172800	IN	A	200.192.232.10
d.dns.br.		172800	IN	A	200.219.154.10
e.dns.br.		172800	IN	A	200.229.248.10
e.dns.br.		172800	IN	AAAA	2001:12f8:1::10
f.dns.br.		172800	IN	A	200.219.159.10

;; Query time: 183 msec
;; SERVER: 2001:503:ba3e::2:30#53(2001:503:ba3e::2:30)
;; WHEN: Wed Nov 17 14:43:23 2010
;; MSG SIZE  rcvd: 478

> > ; <<>> DiG 9.6.0-APPLE-P2 <<>> +dnssec br @a.root-servers.net
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32934
> > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 9
> > ;; WARNING: recursion requested but not available
> >
> > ;; OPT PSEUDOSECTION:
> > ; EDNS: version: 0, flags: do; udp: 4096
> > ;; QUESTION SECTION:
> > ;br.                            IN      A
> >
> >
> [snip]
> 
> 
> > ;; Query time: 163 msec
> > ;; SERVER: 198.41.0.4#53(198.41.0.4)
> >
> 
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> 
> > ;; WHEN: Mon Nov 15 15:48:59 2010
> > ;; MSG SIZE  rcvd: 478
> > ]
> >
> 
> Anand
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the AusNOG mailing list