Truncated TCP ?
J Doe
general at nativemethods.com
Mon May 6 22:49:25 UTC 2024
On 2024-05-05 20:47, Mark Andrews wrote:
>
>
>> On 6 May 2024, at 07:38, J Doe <general at nativemethods.com> wrote:
>>
>> Hello,
>>
>> I run BIND 9.18.26 as a recursive, validating resolver. In my logs, I
>> noticed the following:
>>
>> 01-May-2024 00:52:49.689 lame-servers: info: truncated TCP response
>> resolving 'www.ipfire.org/A/IN': 74.113.60.134#53
>>
>> I am aware that there are issues with DNS UDP traffic being truncated
>> and/or rejected via firewalls or middle-boxes that enforce limits on
>> expected packet size (I believe one of the goals of a recent Flag Day
>> was to address these configs), but what would lead to truncated TCP
>> traffic in the context of DNS ?
>
> Usually it is a software bug in the server where it doesn’t support 65535 byte
> responses or incorrectly applies UDP limits to TCP. Very occasionally the
> response actually won’t fit in 65535 bytes.
>
> Whatever it was I’m not seeing it now.
>
> Mark
>
>> Thanks,
>>
>> - J
Hi Mark,

When you say "server" do you mean my server (which implies that there is
a TCP/IP stack issue on my end), or the remote server (in this case the
authoritative DNS Server for: www.ipfire.org) ?

Thanks,

- J
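
An added example, not part of the original thread and not BIND's code: DNS over TCP frames each message with a 2-byte length prefix (hence the 65535-byte ceiling mentioned above), and truncation is signalled by the TC bit in the header flags. The sketch below inspects such a framed message; it assumes the logged "truncated TCP response" corresponds to TC being set on a response received over TCP, and the helper names, sample bytes and the 512-byte heuristic are constructed for illustration.

```python
import struct

TC_FLAG = 0x0200   # TC (truncation) bit in the DNS header flags word, RFC 1035 4.1.1
HEADER_LEN = 12    # fixed DNS header size
UDP_LIMIT = 512    # classic non-EDNS UDP payload limit

def build_tcp_response(msg_id, flags, body=b""):
    """Constructed sample: 2-byte length prefix, DNS header with zero counts, filler body."""
    msg = struct.pack("!HHHHHH", msg_id, flags, 0, 0, 0, 0) + body
    return struct.pack("!H", len(msg)) + msg

def inspect_tcp_response(stream):
    """Inspect the first length-prefixed DNS message in a TCP byte stream."""
    if len(stream) < 2:
        raise ValueError("missing 2-byte length prefix")
    (length,) = struct.unpack("!H", stream[:2])
    msg = stream[2:2 + length]
    if len(msg) < length:
        raise ValueError("stream ended before the framed length was read")
    if length < HEADER_LEN:
        raise ValueError("framed message is shorter than a DNS header")
    msg_id, flags = struct.unpack("!HH", msg[:4])
    truncated = bool(flags & TC_FLAG)
    if not truncated:
        note = "complete response"
    elif length <= UDP_LIMIT:
        # Heuristic (assumption of this example): TC on a message this small
        # suggests the sender applied a UDP-style size limit to TCP.
        note = "TC set on a small message: UDP-style limit applied to TCP?"
    else:
        note = "TC set: sender did not fit the answer in one TCP message"
    return {"id": msg_id, "length": length, "truncated": truncated, "note": note}

if __name__ == "__main__":
    # Constructed inputs, not captured traffic. 0x8000 is the QR (response) bit.
    for flags, body in ((0x8000, b"\0" * 200), (0x8200, b"\0" * 100), (0x8200, b"\0" * 4000)):
        print(inspect_tcp_response(build_tcp_response(0x1234, flags, body)))
```
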
More information about the bind-users mailing list