1. DNS/EDNS/bufsize

Contents

DNS/EDNS/bufsize

について、ここに記述してください。

1.1. ルートゾーンKSKロールオーバー

影響 : DNSSECを使っていなくても影響があるリゾルバー

1.2. OARC

https://www.dns-oarc.net/oarc/services/replysizetest

If a resolver does not support the Extension Mechanisms for DNS (EDNS), replies are limited to 512 bytes.
The resolver may be behind a firewall that blocks IP fragments.
Some DNS-aware firewalls block responses larger than 512 bytes.

How To Use

$ dig +short rs.dns-oarc.net TXT

1.3. ISC

https://www.dns-oarc.net/oarc/services/replysizetest

1.4. 手元のBIND

$ dig +short rs.dns-oarc.net TXT
rst.x487.rs.dns-oarc.net.
rst.x461.x487.rs.dns-oarc.net.
rst.x466.x461.x487.rs.dns-oarc.net.
"Tested at 2018-11-27 00:00:35 UTC"
"sent EDNS buffer size 512"
"DNS reply size limit is at least 487"

1.5. 手元のUnbound

$ dig +short rs.dns-oarc.net TXT @127.0.0.3
rst.x1188.rs.dns-oarc.net.
rst.x1198.x1188.rs.dns-oarc.net.
rst.x1169.x1198.x1188.rs.dns-oarc.net.
"DNS reply size limit is at least 1198"
"sent EDNS buffer size 1220"
"Tested at 2018-11-27 00:01:32 UTC"

1.6. 手元のpdns-recursor

$ dig +short rs.dns-oarc.net TXT @127.0.0.2
rst.x1643.rs.dns-oarc.net.
rst.x1653.x1643.rs.dns-oarc.net.
rst.x1624.x1653.x1643.rs.dns-oarc.net.
"DNS reply size limit is at least 1653"
"Tested at 2018-11-27 00:03:36 UTC"
"sent EDNS buffer size 1680"

1.7. 8.8.8.8

$ dig +short rs.dns-oarc.net TXT @8.8.8.8
rst.x4090.rs.dns-oarc.net.
rst.x4058.x4090.rs.dns-oarc.net.
rst.x4064.x4058.x4090.rs.dns-oarc.net.
"173.194.171.13 DNS reply size limit is at least 4090"
"173.194.171.13 sent EDNS buffer size 4096"
"Tested at 2018-11-27 00:06:38 UTC"

1.8. 9.9.9.9

$ dig +short rs.dns-oarc.net TXT @9.9.9.9
rst.x1643.rs.dns-oarc.net.
rst.x1653.x1643.rs.dns-oarc.net.
rst.x1624.x1653.x1643.rs.dns-oarc.net.
"74.63.20.244 sent EDNS buffer size 1680"
"Tested at 2018-11-27 00:07:30 UTC"
"74.63.20.244 DNS reply size limit is at least 1653"

1.9. 1.1.1.1

$ dig +short rs.dns-oarc.net TXT @1.1.1.1
rst.x1433.rs.dns-oarc.net.
rst.x1408.x1433.rs.dns-oarc.net.
rst.x1414.x1408.x1433.rs.dns-oarc.net.
"Tested at 2018-11-27 00:08:33 UTC"
"108.162.227.251 sent EDNS buffer size 1452"
"108.162.227.251 DNS reply size limit is at least 1433"

MoinQ: DNS/EDNS/bufsize

1. DNS/EDNS/bufsize

1.1. ルートゾーンKSKロールオーバー

1.2. OARC

1.3. ISC

1.4. 手元のBIND

1.5. 手元のUnbound

1.6. 手元のpdns-recursor

1.7. 8.8.8.8

1.8. 9.9.9.9

1.9. 1.1.1.1