From 32dc912febbf3960c47a0ebfd387977b2c78656b Mon Sep 17 00:00:00 2001 From: ume Date: Sun, 10 Jun 2001 20:25:24 +0000 Subject: Implement EDNS0 support, as EDNS0 support will be made mandatory for IPv6 transport-ready resolvers/DNS servers. Need careful configuration when enable it. (default config is not affected). See manpage for details. XXX visible symbol __res_opt() is added, however, it is not supposed to be called from outside, libc minor is not bumped. Obtained from: KAME/NetBSD --- share/examples/IPv6/USAGE | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'share') diff --git a/share/examples/IPv6/USAGE b/share/examples/IPv6/USAGE index f9122c2..5a02037 100644 --- a/share/examples/IPv6/USAGE +++ b/share/examples/IPv6/USAGE 
@@ -626,4 +626,38 @@ Configuration at Host-A: -E rc5-cbc "kamekame" -A hmac-md5 "this is the test" ; +<<>> + +EDNS0 is defined in RFC2671. With EDNS0, the resolver library can tell DNS +server of its receiving buffer size, and permit DNS server to transmit large +reply packet. EDNS0 is necessary to take advantage of larger minimum MTU +in IPv6. KAME libinet6 includes resolver side support for EDNS0. +Server side support for EDNS0 is included in ISC BIND9. + + query packet with EDNS0 + tells receive buffer size +KAME box -----------------------------> BIND9 DNS server +KAME box <----------------------------- BIND9 DNS server + can transmit jumbo reply, since DNS server + knows receive buffer size of KAME box + +How to play with it: +- prepare KAME box and BIND9 DNS server (can be a same node) +- add the following into /etc/resolv.conf on KAME box: + options edns0 <--- enables EDNS0 + nameserver +- run applications compiled with libinet6 (like /usr/local/v6/bin/telnet), + see EDNS0 packet fly on the wire by tcpdump or some other method. + +Caveats: +- BIND 4/8 DNS server will choke with EDNS0 packet, so you must not + turn the option on if you have BIND 4/8 DNS server. If you enable + "options edns0" against BIND 4/8 DNS server, you will never be able + to resolve names. +- If you use IPv6 UDP as DNS transport, path MTU discovery may + affect the traffic. KAME box tries to fragment packet to 1280 + bytes, however, BIND9 may not. +- Some of our platforms do not use our extended resolver code in libinet6. + See COVERAGE for detail. + -- cgit v1.1
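Review bot: In the "How to play with it" steps, the resolv.conf fragment ends in a bare `nameserver` line with no address or placeholder, so the text never says which server the EDNS0 queries go to. Given the first caveat (name resolution fails entirely against BIND 4/8), I would put an explicit placeholder there for the address of the BIND9 server and add a sentence that `options edns0` should only be set when the server named on that line is known to handle EDNS0. The new section heading also reads `<<>>` with nothing between the markers, so it needs a title. The path MTU caveat says "BIND9 may not" fragment to 1280 bytes but stops there; it would help to state what the reader should expect to see in that case. Finally, the commit message says to see the manpage for details, yet the added text does not name one, so a pointer to it in this section would be useful.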