fragmentation Archives

IP fragmentation and the DNS — mitigation

By Carsten Strotmann on 13 Dec 2022

Guest post: How to lower the risk of fragmentation-based DNS attacks.

DNS evolution: Innovation or fragmentation?

By Geoff Huston on 30 Sep 2022

How should we engage with evolution and innovation in the Internet’s name space?

IP fragmentation and the DNS — Vulnerable DNS servers

By Carsten Strotmann on 29 Sep 2022

Guest Post: One in seven authoritative DNS servers found to be vulnerable to ICMP-based MTU spoofing attacks.

IP fragmentation and the DNS — the state of IP fragmentation

By Carsten Strotmann on 21 Sep 2022

Guest Post: 0.1% of DNS traffic is fragmented, almost all of which comes from DNSSEC signed domains.

Hop-by-hop extension headers

By Geoff Huston on 22 Apr 2022

Can hop-by-hop extension headers solve the IPv6 path MTU discovery problem?

More notes from IETF 112

By Geoff Huston on 23 Nov 2021

Geoff Huston on currently active IETF routing security, IPv6, and transport discussions.

DNS Flag Day 2020: what you need to know

By Ondřej Surý on 17 Sep 2020

Guest Post: This year’s DNS Flag Day seeks to draw attention to IP fragmentation issues within the DNS.

Google fixes Public DNS Service

By Geoff Huston on 13 Nov 2017

Google has fixed an IPv6 fragmentation handling problem in their Public DNS Service.

Dealing with IPv6 fragmentation in the DNS, Part 2

By Geoff Huston on 29 Aug 2017

In part two of his IPv6 fragmentation research posts, Geoff Huston turns his attention to measuring the packet drop rate when sending fragmented packets to IPv6 end hosts.

Dealing with IPv6 fragmentation in the DNS

By Geoff Huston on 22 Aug 2017

Is IPv6 fragmentation a fixable problem in the DNS, and if so, how?