Insecure response BIND 9.7.0b2

Stephane Bortzmeyer bortzmeyer at
Fri Nov 20 15:58:17 UTC 2009

On Fri, Nov 20, 2009 at 09:27:35AM +1100,
 Mark Andrews <marka at> wrote 
 a message of 34 lines which said:

> There are also firewalls that block DNS/UDP responses bigger 512
> bytes or block EDNS queries/responses 10 years after the
> introduction of EDNS.  There are also middleware that blocks/drops
> DNS/UDP responses that are fragmented.

This tool may help:

And this one, too:

More information about the bind-users mailing list