Commit 096d41b4 authored by Ondřej Surý, committed by Ondřej Surý

Add text describing the changes done in the MR in more detail

parent b9a42446
5516. [func] The default EDNS buffer size has been changed from 4096
to 1232, the EDNS buffer size probing has been removed
and ``named`` now sets the DON'T FRAGMENT flag on
outgoing UDP packets. [GL #2183]
5515. [func] Add 'rndc dnssec -rollover' command to trigger a
manual rollover for a specific key. [GL #1749]
......
......@@ -3414,6 +3414,16 @@ Tuning
dropping patterns, the query is retried over TCP. Per-server EDNS statistics
are only retained in memory for the lifetime of a given server's ADB entry.
The ``named`` now sets the DON'T FRAGMENT flag on outgoing UDP packets.
According to the measurements done by multiple parties this should not be
causing any operational problems as most of the Internet "core" is able to
cope with IP message sizes between 1400-1500 bytes, the 1232 size was picked
as a conservative minimal number that could be changed by the DNS operator to
a estimated path MTU minus the estimated header space. In practice, the
smallest MTU witnessed in the operational DNS community is 1500 octets, the
Ethernet maximum payload size, so a a useful default for maximum DNS/UDP
payload size on **reliable** networks would be 1400.
Any server-specific ``edns-udp-size`` setting has precedence over all
the above rules.
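Review bot: The new Tuning paragraph opens with "The ``named`` now sets", where the leading article should be dropped, and further down it has "a estimated path MTU" (should be "an estimated") and a doubled article in "so a a useful default". The sentence starting "According to the measurements" joins two independent statements with a comma before "the 1232 size was picked"; splitting it there would read better. Since the text says the DNS operator can change the value, it would help to name the option to set, the way the following context line does for the server-specific ``edns-udp-size``.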
......
......@@ -24,8 +24,6 @@ Known Issues
New Features
~~~~~~~~~~~~
- None.
- Add a new ``rndc`` command, ``rndc dnssec -rollover``, which triggers
a manual rollover for a specific key. [GL #1749]
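Review bot: The hunk header for New Features (-24,8 +24,6) shows the section getting two lines shorter, and the only two-line item visible here is the ``rndc dnssec -rollover`` entry, so this appears to drop that note while "- None." stays. The commit message only mentions adding descriptive text, and entry 5515 for the same command is still visible in the CHANGES hunk, so please confirm the removal is intended or move it to its own commit.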
......@@ -42,7 +40,17 @@ Removed Features
Feature Changes
~~~~~~~~~~~~~~~
- None.
- [DNS Flag Day 2020]: The default EDNS buffer size has been changed from 4096
to 1232, the EDNS buffer size probing has been removed and ``named`` now sets
the DON'T FRAGMENT flag on outgoing UDP packets. According to the
measurements done by multiple parties this should not be causing any
operational problems as most of the Internet "core" is able to cope with IP
message sizes between 1400-1500 bytes, the 1232 size was picked as a
conservative minimal number that could be changed by the DNS operator to a
estimated path MTU minus the estimated header space. In practice, the smallest
MTU witnessed in the operational DNS community is 1500 octets, the Ethernet
maximum payload size, so a a useful default for maximum DNS/UDP payload size
on reliable networks would be 1400. [GL #2183]
Bug Fixes
~~~~~~~~~
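Review bot: The Feature Changes entry repeats the ARM paragraph word for word, including "a estimated path MTU" and "so a a useful default"; both need fixing here as well. "[DNS Flag Day 2020]:" is written in brackets like a link label, but no target is visible in this hunk, so either add the link target or make it plain text. The ARM copy emphasises **reliable** while this copy does not; pick one form for both.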
......