DNS packet size -- what's the correct size
Rob Tanner
rtanner at linfield.edu
Sun Sep 30 16:15:10 UTC 2007
Hi,
It's my understanding that the max DNS packet size is 512 bytes and that
is apparently what Cisco thinks because our firewall is blocking DNS
packets over that size, calling them malformed. The problem is that we
see numerous such packets and the real puzzler is that many of them
originate with core servers.
The issue is getting serious because there are some sites for which I
can't resolve addresses from on campus, but use an external name server
and those same sites resolve perfectly. And, of course, I'm concerned
that this problem is related to the dropping of oversized packets by the
firewall.
Is Cisco's default limit too small? Can someone explain to me what
might be going on?
Thanks,
Rob
--
Rob Tanner
UNIX Services Manager
Linfield College, McMinnville OR