Eliminating Authoritative Resource Records and Aditional Resource Records in DNS Responses

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Wed Jun 12 16:15:09 UTC 2002

Miguel Paramio <miguel.paramio at bt.es> wrote:

> Hello everybody,

> Some days ago I posted a message about "truncated dns packets" and the
> way Novell Clients understands these kind of messages.

> The problem comes from the Authoritative Resource Records and the
> Aditional Resource Records, this information about the authorized DNS
> servers make the DNS packet too large.

> If the DNS packet exceeds 512 Bytes, then the TC (Truncated) Bit is
> marked, and the client retry in TCP Mode and the server send the
> message in a set of truncated packets.

> The problem will be close if we eliminate the Authoritative Resource
> Records and Aditional Resource Records.

The problems will go away if you start using standards conformant stuff.
What does novell says about your problems ?

> Is there any way to eliminate this type of records in DNS responses ??

You could try :
minimal-responses yes; 
additional-from-auth no;
additional-from-cache no;

( never tried them, but according to the ARM book they seem to reduce the
number of items returned)

> We are using Bind 9.1.2 and Bind 9.2.1

> Thanks in advance

Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list