[External] Re: intermittent resolution
Matus UHLAR - fantomas
uhlar at fantomas.sk
Thu Oct 31 11:49:00 UTC 2013
On 30.10.13 21:58, Samp, Daniel [USA] wrote:
>In the past when I've had issues with certain .gov sites (e.g. noaa.gov,
> nih.gov, ssa.gov) it was due to application based filtering (layer 4).
> For some reason the responses from these sites are more often than not
> fragmented and if you have something doing filtering based on ports it may
> not be delivering the follow-up fragments because they do not have the tcp
> headers. Do a tcpdump of your DNS traffic from noaa.gov and check to see
> if reponses are being fragmented and whether you are receiving all of the
> fragments.
> We had to set edns-udp-size to 512 as a workaround until we
> could identify the problematic piece of hardware.
this is a server option, not a client option. did you have to set this on
your recursive servers, because HW between them and your clients was
problematic?
If you did find the culprit, can you tell us who was it?
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
There's a long-standing bug relating to the x86 architecture that
allows you to install Windows. -- Matthew D. Fuller
More information about the bind-users
mailing list