|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: dnscache
From: D. J. Bernstein (djb
cr.yp.to)Date: Mon Jun 19 2000 - 17:16:42 CDT
- Next message: Wietse Venema: "Re: dnscache"
- Previous message: Wietse Venema: "Re: Preventing email abuse"
- In reply to: Brad Knowles: "Re: dnscache"
- Next in thread: Wietse Venema: "Re: dnscache"
- Next in thread: Russ Allbery: "Re: dnscache"
- Reply: D. J. Bernstein: "Re: dnscache"
- Reply: Wietse Venema: "Re: dnscache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I've been asked to address Brad's comments on large DNS packets.
The DNScache package has no problem with DNS packets above the 512-byte
UDP limit. It doesn't mind 65535-byte TCP DNS packets. Even better, the
DNScache client interface doesn't allow the caller to screw this up.
``tinydns is UDP-only'' refers to the fact that, by default, the data
that _you_ publish about _your_ domains is provided only through UDP.
You have to do another configuration step if you want to provide data
through TCP. But this has nothing to do with lookups of other hosts.
In contrast, BIND has trouble with large packets. BIND's dnsquery tool
has an 8192-byte limit, for example. BIND's client interface forces the
caller to choose a maximum packet size and preallocate a buffer of that
size; it's unsurprising that most people choose small sizes.
---Dan
- Next message: Wietse Venema: "Re: dnscache"
- Previous message: Wietse Venema: "Re: Preventing email abuse"
- In reply to: Brad Knowles: "Re: dnscache"
- Next in thread: Wietse Venema: "Re: dnscache"
- Next in thread: Russ Allbery: "Re: dnscache"
- Reply: D. J. Bernstein: "Re: dnscache"
- Reply: Wietse Venema: "Re: dnscache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]