From 096d41b4e266c003cc3e6234c864f0a7d15145ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Wed, 30 Sep 2020 18:38:32 +0200 Subject: [PATCH] Add text describing the changes done in the MR in more detail --- CHANGES | 5 +++++ doc/arm/reference.rst | 10 ++++++++++ doc/notes/notes-current.rst | 14 +++++++++++--- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index e355fb9b82..4c53f99852 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,8 @@ +5516. [func] The default EDNS buffer size has been changed from 4096 + to 1232, the EDNS buffer size probing has been removed + and ``named`` now sets the DON'T FRAGMENT flag on + outgoing UDP packets. [GL #2183] + 5515. [func] Add 'rndc dnssec -rollover' command to trigger a manual rollover for a specific key. [GL #1749] diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 349de3220c..f72c4c2f38 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -3414,6 +3414,16 @@ Tuning dropping patterns, the query is retried over TCP. Per-server EDNS statistics are only retained in memory for the lifetime of a given server's ADB entry. + The ``named`` now sets the DON'T FRAGMENT flag on outgoing UDP packets. + According to the measurements done by multiple parties this should not be + causing any operational problems as most of the Internet "core" is able to + cope with IP message sizes between 1400-1500 bytes, the 1232 size was picked + as a conservative minimal number that could be changed by the DNS operator to + a estimated path MTU minus the estimated header space. In practice, the + smallest MTU witnessed in the operational DNS community is 1500 octets, the + Ethernet maximum payload size, so a a useful default for maximum DNS/UDP + payload size on **reliable** networks would be 1400. + Any server-specific ``edns-udp-size`` setting has precedence over all the above rules. 
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index 03baa1660a..aa3f0b3a46 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -24,8 +24,6 @@ Known Issues New Features ~~~~~~~~~~~~ -- None. - - Add a new ``rndc`` command, ``rndc dnssec -rollover``, which triggers a manual rollover for a specific key. [GL #1749] @@ -42,7 +40,17 @@ Removed Features Feature Changes ~~~~~~~~~~~~~~~ -- None. +- [DNS Flag Day 2020]: The default EDNS buffer size has been changed from 4096 + to 1232, the EDNS buffer size probing has been removed and ``named`` now sets + the DON'T FRAGMENT flag on outgoing UDP packets. According to the + measurements done by multiple parties this should not be causing any + operational problems as most of the Internet "core" is able to cope with IP + message sizes between 1400-1500 bytes, the 1232 size was picked as a + conservative minimal number that could be changed by the DNS operator to a + estimated path MTU minus the estimated header space. In practice, the smallest + MTU witnessed in the operational DNS community is 1500 octets, the Ethernet + maximum payload size, so a a useful default for maximum DNS/UDP payload size + on reliable networks would be 1400. [GL #2183] Bug Fixes ~~~~~~~~~
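Review bot: In the CHANGES hunk, entry 5516 wraps named in reStructuredText literal markup (double backticks) while the neighbouring entry 5515 quotes its command with plain single quotes ('rndc dnssec -rollover'); follow the existing convention of the file and drop the backticks. The entry also does not name the configuration option or options whose default moved from 4096 to 1232, so an operator who has pinned a value cannot tell from this line alone whether the change affects them.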
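Review bot: In the doc/arm/reference.rst hunk, the new paragraph is appended directly below unchanged text that still refers to "dropping patterns" and to "Per-server EDNS statistics", while the CHANGES entry in this same patch says the EDNS buffer size probing has been removed; if those sentences describe the removed probing, they should be deleted or rewritten in this change rather than left above the new text. The paragraph also leaves the operator unsure which number to use: 1232 is presented as the default, and then "a useful default for maximum DNS/UDP payload size on **reliable** networks would be 1400"; state explicitly that 1232 remains the shipped default and that 1400 is a value an operator may choose to configure. It gives no reason for setting DON'T FRAGMENT and does not say what happens to a response that exceeds the path MTU once the flag is set, which is what an operator debugging timeouts will look for. Wording: "The ``named`` now sets" should read "``named`` now sets", "a estimated" should be "an estimated", "so a a useful" has a doubled article, the sentence beginning "According to the measurements" is a comma splice, and "bytes" and "octets" are mixed within one paragraph.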
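Review bot: In the Feature Changes hunk of doc/notes/notes-current.rst, the bullet repeats the reference.rst paragraph almost word for word, including "a estimated" and "so a a useful", so the two copies will drift apart on the next edit; keep the release note to its first sentence (default changed from 4096 to 1232, probing removed, DON'T FRAGMENT set, [GL #2183]) and refer readers to the reference manual for the rationale. "[DNS Flag Day 2020]:" reads like a link label, but no link target is defined in the visible lines; either add the target or drop the brackets.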