Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 22 Oct 2015 23:04:20 -0700
From: Tim Hockin <>
Subject: Re: Re: Would love to see reconsideration for domain and search

On Thu, Oct 22, 2015 at 11:00 PM, Rich Felker <> wrote:
> On Thu, Oct 22, 2015 at 10:37:53PM -0700, Tim Hockin wrote:
>> I saw from a different thread that musl doesn't or didn't do TCP
>> fallbacks - is that still the case?  I know we need that for things
>> like large multi-SRV sets (which I do not expect libc to support), and
>> we have some people who have large A sets (which I do expect libc to
>> support).
> Indeed. The only way you can overflow the UDP size limit with the
> records the stub resolver uses is with a max-length CNAME pointing to
> a max or near-max length record with little or no overlap to allow for
> compression. Of course you might run out of space for all the address
> results in other cases, but the truncated packet will still have
> usable results. While I'm not aware of any official document to this
> effect, for practical purposes you just have to avoid making names
> that long. There are too many nameservers that don't do TCP at all, as
> well as locked-down networks that don't allow TCP except on a few
> specific ports, to be able to rely on doing DNS over TCP.

Our case is exposing sets of fungible backends as a DNS name with
multiple A records.  Truncating the set will cause incorrect results
for clients who need to discover the whole set.  We can cross that
bridge when we get there.

> Naturally other non-stub-resolver things like zone transfers may need
> TCP, but that's outside the domain of the stub resolver. Note that the
> libc res_*/dn_*/ns_* APIs should be capable of working with longer
> messages over TCP as long as you setup the socket and do the send/recv
> yourself.
> Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.