by toast0 1564 days ago
I mean sure, musl should add TCP DNS. But real world networking says if your DNS response is over the limit for basic UDP DNS, a meaningful proportion of clients won't get that response. Which I guess is okish if it's a TXT for mail servers, cause mail servers probably have a reasonable DNS setup; but if you wanted to return a lot of A records or AAAA records (or A records that a provider DNS64s into AAAA records), you need to be careful about how many you return, before the response gets too large and doesn't arrive.

This is something networks and DNS client libraries should fix, but we live in a world where PathMTU only mostly works, so realism gets your service working.


This is literally the opposite of true. The OS-supplied resolver supports TCP DNS on all of the most popular desktop and mobile OSes and has for ages. I'd estimate a minimum of 90% of users have setups that support it, and I'm only hedging the 10% because I'm not sure how prevalent horribly misconfigured corporate firewalls are.

By not supporting TCP DNS you are the odd one out.

The OS supplied resolver may support it, but many networks block TCP DNS.
Many networks also block AAAA DNS, because middleboxes are stupid. That doesn't mean it's OK for libc not to implement AAAA.
It's non-trivial to determine if your response will fit into the UDP packet size, other than erring heavily on the side of caution.

Part of the request query is included in the response, IPv6 AAAA records are considerably larger than IPv4 A records, DNSSEC adds size, RFC 1035 message compression comes into play, EDNS0 comes into play, etc.

Which is all to say that you're right that for maximum compatibility you should endeavor to fit all responses into a UDP packet, but most places lack the sophistication to ensure that is always the case.

Supporting TCP DNS on the client side should not be considered optional if you want to successfully resolve records that you don't control.
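To make the size argument concrete, here is an added example (not code from the thread or from musl) that builds a minimal RFC 1035 response with a compression pointer back to the question name and works out how many A or AAAA answers fit under the classic 512-byte UDP limit. It assumes no EDNS0 OPT record and no DNSSEC signatures; the name and addresses are constructed sample data.

```python
"""Added example: estimate DNS response wire size against the 512-byte UDP limit.

Builds header + question + N answer RRs (owner name as a compression pointer),
ignoring EDNS0 and DNSSEC, which would only make the message larger.
"""
import ipaddress
import struct

UDP_LIMIT = 512            # RFC 1035 maximum payload without EDNS0
TYPE_A, TYPE_AAAA = 1, 28
CLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode a dotted name as length-prefixed labels ending in a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_response(qname: str, rtype: int, rdata: list, ttl: int = 300) -> bytes:
    """Header + question + one answer RR per rdata item (no OPT record)."""
    # Header: id, flags (QR=1, RD=1, RA=1), qdcount, ancount, nscount, arcount
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, len(rdata), 0, 0)
    question = encode_name(qname) + struct.pack("!HH", rtype, CLASS_IN)
    # RFC 1035 compression: 0xC000 | offset points at the question name (byte 12)
    owner = struct.pack("!H", 0xC000 | len(header))
    answers = b"".join(
        owner + struct.pack("!HHIH", rtype, CLASS_IN, ttl, len(r)) + r for r in rdata
    )
    return header + question + answers


def fits_in_udp(msg: bytes, limit: int = UDP_LIMIT) -> bool:
    return len(msg) <= limit


def max_records(qname: str, rtype: int, limit: int = UDP_LIMIT) -> int:
    """Largest N such that N fixed-size A/AAAA answers still fit the limit."""
    rdlen = 4 if rtype == TYPE_A else 16
    n = 0
    while fits_in_udp(build_response(qname, rtype, [b"\x00" * rdlen] * (n + 1)), limit):
        n += 1
    return n


if __name__ == "__main__":
    # Constructed sample: a name answering with 20 AAAA records
    addrs = [ipaddress.IPv6Address(f"2001:db8::{i}").packed for i in range(1, 21)]
    msg = build_response("example.com", TYPE_AAAA, addrs)
    print(len(msg), "bytes; fits in UDP:", fits_in_udp(msg))
    print("max A records:   ", max_records("example.com", TYPE_A))
    print("max AAAA records:", max_records("example.com", TYPE_AAAA))
```

For a short name like example.com the same payload budget holds roughly 30 A records but only 17 AAAA records, and a longer owner name or an OPT record shrinks both numbers further.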

That's acceptable in the real world because virtually nobody uses IPv6, and people who run into IPv6 problems will just avoid musl.
> virtually nobody uses IPv6

Some very high percentage of mobile devices, when using mobile data, are on IPv6 and preferentially connect using IPv6. I think 80% of Meta traffic is IPv6.

Lots and lots and lots of people use IPv6.

I have to say though the BOFHesque attitude shown in this thread by a number of people has convinced me never to touch Alpine Linux. I can already see exactly what sort of attitude towards users and input the developers encourage, and that sort of ivory tower shit has absolutely zero appeal.