DNS was [Gllug] IPSec
Robert McKay
robert at mckay.com
Tue Feb 12 13:59:14 UTC 2002
On Tue, 12 Feb 2002 tet at accucard.com wrote:
> >I'm curious; what's a 'large' DNS query? Is that where you store a HUGE
> >FQDN, or when you store other stuff in a DNS (like keys for IPSec)? Is it
> >only appropriate for lookups or for reverse lookups as well?
>
> DNS queries are almost always small enough to fit in UDP, but
> replies to those queries may include multiple responses, plus
> additional information such as where to find authoritative answers,
> etc.
>
> Interestingly enough, I was just trying to provoke DNS into giving me
> a long response to use as an illustration of how it would use TCP where
> necessary, but the closest I could come was:
>
> host -t any hotmail.com e.root-servers.net
>
> which resulted in exactly 512 bytes of data (i.e., the maximum size
> allowed in a UDP DNS response). One more byte in the response, and
> it would have used TCP instead. Certain domains return larger responses
> than others. I picked hotmail.com because I happen to know it has a
> large number of MX records.
>
> Tet
host -t A bigassdomain.mckay.com
provoked the desired response..
-Robert.
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
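
The 512-byte boundary discussed in this thread, as an added example that is not part of the original posts: it builds DNS responses in wire format, shows the size at which a reply stops fitting in a classic (non-EDNS0) UDP datagram, and sets the TC (truncated) header bit that tells the resolver to retry over TCP. The name bigset.example and the 192.0.2.x addresses are constructed sample data, and dropping every answer from the truncated reply is a simplifying assumption (servers differ in what they leave in).

```python
import struct

UDP_LIMIT = 512   # classic DNS-over-UDP message limit (RFC 1035, no EDNS0)
TC_BIT = 0x0200   # "truncated" flag in the 16-bit header flags word


def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_response(name, addrs, qid=0x1234):
    """Full answer: header, question, and one A record per address."""
    flags = 0x8400  # QR=1 (response), AA=1 (authoritative)
    msg = struct.pack("!6H", qid, flags, 1, len(addrs), 0, 0)
    msg += encode_name(name) + struct.pack("!2H", 1, 1)  # QTYPE=A, QCLASS=IN
    for addr in addrs:
        # 0xC00C is a compression pointer back to the name at offset 12,
        # so every A record costs 16 bytes regardless of name length.
        msg += struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4)
        msg += bytes(int(octet) for octet in addr.split("."))
    return msg


def udp_reply(full):
    """What goes out over UDP: the full message if it fits, else header and
    question only, with TC set and the answer count zeroed (assumption)."""
    if len(full) <= UDP_LIMIT:
        return full
    qid, flags = struct.unpack("!2H", full[:4])
    end = 12
    while full[end]:          # walk the question name label by label
        end += 1 + full[end]
    end += 5                  # root label (1) + QTYPE (2) + QCLASS (2)
    return struct.pack("!6H", qid, flags | TC_BIT, 1, 0, 0, 0) + full[12:end]


def needs_tcp(reply):
    """Resolver-side check: is the TC bit set in the reply header?"""
    return bool(struct.unpack("!H", reply[2:4])[0] & TC_BIT)


def sample_addrs(n):
    """Constructed sample data: n addresses from the 192.0.2.0/24 test range."""
    return ["192.0.2.%d" % i for i in range(1, n + 1)]
```

With this name, 30 A records come to exactly 512 bytes and still fit in UDP; the 31st pushes the message to 528 bytes and the UDP reply comes back with TC set.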