9 Aug
2007
9 Aug
'07
6:58 p.m.
Valdis.Kletnieks@vt.edu writes:
... advising folks to monitor their authority servers to find out how many truncated responses are going out and how many TCP sessions result from these truncations and how many of these TCP sessions are killed by the RFC1035 4.2.2 connection management logic, and if the numbers seem high, then they ought to change their applications and DNS content so that truncations no longer result.
How does the (eventual) deployment of DNSSEC change these numbers?
DNSSEC cannot be signalled except in EDNS.
And who's likely to feel *that* pain first?
the DNSSEC design seems to distribute pain very fairly. -- Paul Vixie