Dealing with dual pitfalls and risks.
Guest post: How to lower the risk of fragmentation-based DNS attacks.
How should we engage with evolution and innovation in the Internet’s name space?
Guest Post: One in seven authoritative DNS servers found to be vulnerable to ICMP-based MTU spoofing attacks.
Guest Post: 0.1% of DNS traffic is fragmented, almost all of which comes from DNSSEC signed domains.
Can hop-by-hop extension headers solve the IPv6 path MTU discovery problem?
Geoff Huston on currently active IETF routing security, IPv6, and transport discussions.
Guest Post: This year’s DNS Flag Day seeks to draw attention to IP fragmentation issues within the DNS.
Google has fixed an IPv6 fragmentation handling problem in their Public DNS Service.
In part two of his IPv6 fragmentation research posts, Geoff Huston turns his attention to measuring the packet drop rate when sending fragmented packets to IPv6 end hosts.