Sign up to save your podcasts
Or
Share IPv6 Fragmentation and the DNS
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
IPv6 Fragmentation and the DNS
In this episode of PING, APNIC’s Chief Scientist Geoff Huston discusses the change in IP packet fragmentation behaviour adopted by IPv6, and the implications of a change in IETF “Normative Language” regarding use of IPv6 in the DNS.
IPv4 arguably succeeds over so many variant underlying links and networks because it’s highly adaptable to fragmentation in the path. IPv6 has a proscriptive requirement that only the end hosts fragment, which limits how intermediate systems can handle IPv6 data in flight. In the DNS, increasing complexity from things like DNSSEC mean the the DNS packet sizes are getting larger and larger, which risks invoking the IPv6 fragmentation behaviour in UDP. This has consequences for the reliability and timeliness of the DNS service.
For this reason, a revision of the IETF normative language (the use of capitalised MUST MAY SHOULD and MUST NOT) directing how IPv6 integrates into the DNS service in deployment has risks. Geoff argues for a “first, do no harm” approach to this kind of IETF document.
Read more about IPv6, Fragmentation, the DNS and Geoff’s measurements on the APNIC Blog and APNIC Labs:
- IPv6, the DNS and Happy Eyeballs
- How we measure DNSSEC Validation
- DNS is the new BGP
- To DNSSEC or Not
View all episodes
By APNIC
5
44 ratings
In this episode of PING, APNIC’s Chief Scientist Geoff Huston discusses the change in IP packet fragmentation behaviour adopted by IPv6, and the implications of a change in IETF “Normative Language” regarding use of IPv6 in the DNS.
IPv4 arguably succeeds over so many variant underlying links and networks because it’s highly adaptable to fragmentation in the path. IPv6 has a proscriptive requirement that only the end hosts fragment, which limits how intermediate systems can handle IPv6 data in flight. In the DNS, increasing complexity from things like DNSSEC mean the the DNS packet sizes are getting larger and larger, which risks invoking the IPv6 fragmentation behaviour in UDP. This has consequences for the reliability and timeliness of the DNS service.
For this reason, a revision of the IETF normative language (the use of capitalised MUST MAY SHOULD and MUST NOT) directing how IPv6 integrates into the DNS service in deployment has risks. Geoff argues for a “first, do no harm” approach to this kind of IETF document.
Read more about IPv6, Fragmentation, the DNS and Geoff’s measurements on the APNIC Blog and APNIC Labs:
- IPv6, the DNS and Happy Eyeballs
- How we measure DNSSEC Validation
- DNS is the new BGP
- To DNSSEC or Not
More shows like PING
View all
Security Now (Audio)
1,963 Listeners
Radiolab
43,833 Listeners
Risky Business
361 Listeners
The Amp Hour Electronics Podcast
230 Listeners
The Talk Show With John Gruber
3,115 Listeners
Network Break
101 Listeners
Darknet Diaries
7,822 Listeners
IPv6 Buzz
33 Listeners
The Hedge
15 Listeners
Ctrl+Alt+Azure
12 Listeners
The Art of Network Engineering
81 Listeners
Flyvende tallerken
31 Listeners
The Weekly Show with Jon Stewart
10,200 Listeners
Risky Bulletin
33 Listeners
Oxide and Friends
47 Listeners