forwarders not falling back to tcp

Edvard Tuinder listbind at lunytune.nl
Wed Dec 1 19:34:50 UTC 2004


Hi,

I have a number of nameservers which are within a DMZ and are using
external nameservers for all external resolution. The configuration
is as follows:

options {
  forwarders { 81.82.11.4; 81.82.11.7; };

  forward only;

  edns-udp-size 512;
};

For some reason the firewall between the internal and external nameservers
stopped forwarding UDP dns requests, but TCP connections could still be
made. But somehow bind-9.2.1 and bind-9.3.0 do not seem to try using TCP
when used in this setup.

Is this expected behaviour or a bug? This also creeps up for EDNS
packets: I had to limit the advertised EDNS packet size to 512 bytes
(due to, again, PIX configuration issues), as BIND does not seem to
retry these via TCP either if the response requires more than 512 bytes.

Any workaround, other than fixing the PIX?

Thanks,

-Ed
