Borderline dns-ops, sorry folks! - but this is interesting
as we've been talking about ipv6 being operational, and this
is part of it...
Mark Andrews (marka) writes:
If you are seeing TC between the resolver and the server and the TCP
query is being answers then
something in the path is intercepting the DNS queries.
TC is on the answer from the remote server to my resolver, so
like something is messing with the packets.
Don't see any v6 fragments (that'd be a problem since PF doesn't
them on this host).
You should see something like this on the wire. The second query is to
dig's query over TCP.
I'm not seeing fragments as you are.
Here's what I see:
14:40:20.955876 IP6 2001:2000:1080:d::2.64561 > 2001:4f8:0:2::8.53: 52841
TXT? edns-v6-ok.isc.org. (36)
14:40:21.141948 IP6 2001:4f8:0:2::8.53 > 2001:2000:1080:d::2.64561:
52841*-| 0/0/0 (36)
14:40:21.142259 IP6 2001:2000:1080:d::2.53262 > 2001:4f8:0:2::8.53: Flags
[S], seq 1112939462, win 65535, options [mss 1440,nop,wscale 6,sackOK,TS
val 2571957531 ecr 0], length 0
14:40:21.327895 IP6 2001:4f8:0:2::8.53 > 2001:2000:1080:d::2.53262: Flags
[R.], seq 0, ack 1112939463, win 0, length 0