packet too big

Michael Varre bind9 at kishmish.com
Thu Jul 15 20:23:36 UTC 2004



> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Justin Randall
> Sent: Wednesday, July 14, 2004 11:23 PM
> To: J.deBoynePollard at Tesco.NET; comp-protocols-dns-bind at isc.org
> Subject: Re: packet too big
> 
> Do you have port 53 filtered to allow TCP protocol as well?
> 
> 

All is good now, I've been reading up on EDNS0 and it makes sense why the
"old" way is many times no longer good enough and why some initial firewall
setups don't allow those > 512 packets through.

> >From: Jonathan de Boyne Pollard <J.deBoynePollard at Tesco.NET>
> >To: comp-protocols-dns-bind at isc.org
> >Subject: Re: packet too big
> >Date: Wed, 14 Jul 2004 16:45:18 GMT
> >
> >MV> I dug in and noticed a message is getting logged on the
> >MV> firewall that the [DNS response] packet is over 512 bytes
> >
> ><URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/dns-edns0-and-
> firewalls.html>
> >
> 
> _________________________________________________________________
> Add photos to your messages with MSN Premium. Get 2 months FREE*
> http://join.msn.com/?pgmarket=en-
> ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_
> MSNIS_Taglines
> 




More information about the bind-users mailing list