Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Limit the number of IPs addrman learns from each DNS seeder #12626
@sipa Packets larger than 512 bytes are supported with the introduction of EDNS (see RFC 6891 dated April 2013; earlier RFCs that reference EDNS0 that may also be of interest) that uses an unsigned 16-bit integer to specify RDLEN (Record Data Length). Also, while UDP is a MUST for DNS services, TCP is a SHOULD, and both of these transport layer protocols can, for the most part, support EDNS's larger packet size options.
In summary, the natural limit that is more well-known has effectively been extended (IP packet fragmentation and reassembly make it possible to venture beyond the MSU, which is commonly set to 1,500 bytes).
Three years ago I tested the number of DNS entries I could get into Bitcoin for the eclipse attack paper. My test setup was Ubuntu Linux running Bitcoind querying a custom DNS server on localhost. We didn't end up using this attack so I wrote up a blog entry about the general question without mentioning bitcoin: How many IP addresses can a DNS query return?