[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [node req] Issue37: EDNS0 support

On Wed, 11 Feb 2004, Francis Dupont wrote:
>    > >     - EDNS0 [RFC-2671] to allow for DNS packet sizes larger than 512
>    > >       octets.
>    > >
>    > > .. I'm operationally concerned about the last SHOULD.  As far as I
>    > > know, EDNS0 is not really implemented.  It does not seem to include a
>    > > SHOULD to something that hasn't seen practical, wide-spread
>    > > deployment
>    > > already.  I'd recommend removing this or rewording it to a MAY.
>    > >
>    Is there a technical problem with EDSNO (e.g., broken, doesn't scale, too 
>    complex, etc.)?  Or has it not been deployed because it hasn't been 
>    implemented.  If it's the latter than making it a SHOULD be implemented 
>    would appear to be the right message.
> => I simply disagree with the "as far as I know, EDNS0 is not really
> implemented". IMHO this is not true and not only in DNSSEC testbeds
> where EDNS0 is really needed.

I'm not really sure what you're saying -- do you mean "EDNS0 is really 
needed in DNSSEC testbeds" and 
 a) "thus EDNS0 is needed" , 
 b) "and EDNS0 has been implemented otherwise as well", or
 c) something else?

AFAIK, most BSDs implment EDNS0 but none of them enable it by default.  
Linux glibc doesn't implement it.  Microsoft does not implement it
(not sure).  

BIND does implement it, but the *point* here is stub resolver support
("node requirements"), not the support in DNS servers.

AFAIK, we don't have real deployment experience of this.  I don't
think we know the full consequences resulting from EDNS0 use because
it hasn't been widely used yet. Thus, I'm a bit hesitant to put
wording as strong as SHOULD here.

Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

IETF IPv6 working group mailing list
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6